Slashback: Picnic, Neonapster, Microsoft

Slashback tonight with some good news about Linux Weekly News, an annual update for interested picnic-goers, a followup on Neonapster, and a few words of caution on Microsoft's approach to code disclosure. Read on below for the details.

Look at the nice horse they left. babbage writes "As part of ongoing antitrust settlement arrangements, Microsoft has 'opened' the source code to some of their protocol implementation source code. Go ahead and read the license -- but do keep an eye on the NDA you have to agree to first. If you find an NDA to be an objectionable first step -- and I'll admit, I haven't read the license because I don't agree to the NDA terms -- then speak up about it. The Department of Justice is accepting public comments from industry professionals about the new licensing terms. There is a real concern that such pseudo-open licensing could effectively scuttle development efforts on projects like Samba & Mono, but we need to get open access to the license in order to figure out what the risks are. If you have anything to contribute, now is the time to speak up to the DOJ."

Bring your own herring. Bill Kendrick writes: "From the folks who brought you the immensely popular "Linux10" event, comes Picn*x11, a picnic/barbecue celebrating 11 years of the Linux operating system. It's going to be held in Sunnyvale again, the Saturday after LinuxWorld Expo. So go RSVP now, and get your Picn*x11 t-shirt! (Proceeds go to EFF)"

With enough eyeballs many programs seem shallow, too. TheMMaster writes "Neonapster seems to have GPL'd their software, you can download the source here, not that I am terribly happy with what happened, but at least this seems to have been settled out of court ;) of course... it is still a cheap cdex rip off ;)"

LWN is good reading. Keck writes "We all shed a tear for Linux Weekly News a little too soon maybe?

Yes, we know we said there would be no LWN.net Weekly Edition this time around, but, in the end, it was worth the trouble to put together a mini version. So here it is; with luck, the full Weekly will be back on August 15. "

Difference

Neonapster is not a rippoff of cdex...its a gnutellla filesharing app....its NeoAudio thats the Cdex ripoff...i recommend cdex to anyone ripping cds, ive used it for year and its great

Re:Difference

[Istealmymusic]

Neonapster is not a rippoff of cdex.

Correct. NeoNapster ripped off CDex to create NeoAudio. NeoNapster is not only a Gnutella servant, its also the collective name of the people who make it. Thats why you can download NeoAudio from NeoNapster.com.

The source code isn't new

[spectral]

The source code [for NeoNapster's softwares] has been at that exact same link since the story first hit slashdot front page. It's just some people are too quick to yell about violations, and not check what's actually going on. So yeah, it's good a "front page" story cleared up the issue, but it shouldn't make it sound like they just changed it, since it's been there the entire time.

Comments at download.com

[Mr.+PJR]

Those of you who registered your disgust with NeoAudio at download.com might want to take a look at the comments page--every commment prior to 7 August has been deleted. Magically their rating seems to have jumped. go figure http://download.com.com/3302-2140-10137006.html

Re:Comments at download.com

[Mwongozi]

Well I just left a new negative comment, and I can only encourage others to do the same.

whats the news with MS

Well, I looked at their protocols that they're "opening" - nothing earth shuttering.. USB, FireWire, IPv6 and stuff like that are already available and running well under Linux and other open source OS's...

I don't see anywhere that MS gives the Exchange protocol for example, so whats the point?

Also- regarding LWN, most of the donations have been bounced back due to some stupid company thinking, so PLEASE re-send them your donations by other ways (PayPal etc..)

Re:whats the news with MS

[Guy+Harris]

Well, I looked at their protocols that they're "opening" - nothing earth shuttering.. USB, FireWire, IPv6 and stuff like that are already available and running well under Linux and other open source OS's...

If what you looked at was the list of "Microsoft Communications Protocol Program Standards and Other Published Protocols", that's not a list of the formerly-closed protocols for which they're publishing information, it is, as they say on that page:

If the protocols used for communication between Windows 2000 and Windows XP client operating systems and Microsoft Windows NT Server, Windows 2000 Server and Windows .NET Server operating systems are already published by third parties, those protocols are listed below for your reference. Many of the reference documents for the protocols identified below are available online. For each of the communications protocols listed below, a link is included that points to either the most recent version of the specification document (of which Microsoft has been apprised at the time this listing was prepared) or, if not available, to the Web site of the source for the published documentation for the protocol. Third-party sources of this documentation and information are solely responsible for their published information and its availability at these links.

a list of already published protocols that they use.

Only one of them is a Microsoft-proprietary protocol, namely CIFS (and even that has been published elsewhere). In fact, on the Microsoft Settlement Program Communications Protocol Program page, which links to that other page, they quite explicitly say that those protocols are not being licensed under this program:

In connection with the proposed Consent Decree, Microsoft is making certain client-server communication protocols available for license by third parties. Many of the communications protocols used for communications between Windows client and server operating systems have been developed and are available through standards organizations or are published and available from third party sources. Microsoft is identifying the standards-based and other published protocols used by Microsoft Windows 2000 and Windows XP operating systems to interoperate or communicate with Microsoft server operating systems and is providing a link to a source for documentation of these published protocols, where available. These published protocols will not be licensed pursuant to the Communications Protocol Program license agreements. To view a list of these standards and other published protocols, click here.

There's probably some legal reason why they have to, or think they have to, enumerate all those protocols, even though you don't have to license most of them from Microsoft or sign an NDA or anything.

Re:whats the news with MS

[$rtbl_this]

From the tone of your mail, it sounds like you're chastising LWN for only accepting PayPal at the moment. I don't think this is especially fair as it appears the reason they've had to fall back to only using PayPal is that their credit card clearing company did the same kind of shitty thing to them as PayPal did to you.

They do say in the article that they're shopping around for a new clearing company. Maybe you'll feel differently about donating when they find one.

Re:Problem number one...

[WEFUNK]

If you decide to continue anyways the next page begins:

Microsoft Communications Protocol Program
NDA Request Form Instructions

The first step in the Microsoft Communications Protocol Program is to obtain and sign a Non-Disclosure Agreement (NDA). To request an NDA, click on the link below and complete the request form... to facilitate confirmation of your request and avoid possible delays, it is important to use a Passport account with a verified e-mail address from a domain used by your company. Requests submitted using e-mail addresses from unrestricted or anonymous email domains (e.g., Hotmail) will not be handled without direct contact and verification from the company involved.

...and I thought my Hotmail account was my Passport. Well lets try anyway...

If you keep on going, logging in with your Passport you'll probably hit this page:

Microsoft Communications Protocol Program
NDA Request -- Passport Configuration

Which basically asks you to set up your Passport account to share your personal (although probably inaccurate) information with all Passport Services before you can even get to the protocol NDA request page...

Ummm, No thanks.

Some key points - cliffnotes for monopoly abuse

Using fair use rights to quote and snip sections of the Microsoft faq...

"...Microsoft will make available, on reasonable and non-discriminatory terms, any communications protocol implemented in a Windows 2000 Professional, Windows XP or successor desktop operating system that is used to interoperate or communicate natively with a Microsoft server operating system..."

"...Microsoft's Communications Protocol Program will make available for license by others, on a royalty basis, more than 100 proprietary protocols that were not previously available. These protocols can be used, in accordance with the license and payment agreement terms, to develop a broad range of server software products that use the protocols solely to interoperate or communicate with the covered Windows client operating systems..."

"... Consistent with industry practice, licensees of these protocols are required to protect Microsoft's intellectual property appropriately and are further obligated to pay specified royalties for the use of the licensed communications protocols and associated intellectual property..."

"...Third parties that want to license protocol information related to authentication and digital rights management must also pass an entry requirement related to their ability to reliably and responsibly maintain the security of this information and integrity of such systems..."

and finally...

"...Five years, but a licensee may also sign up to a new license at any point up until the end of the consent decree - which has a five year term. Throughout the term of the consent decree we will continue to make the covered protocols available on reasonable and non-discriminatory terms..."

Philly picnic

[reflexreaction]

I went to my first Philly LUG yesterday, and look forward to celebrating the 11 anniversary of Linux at a the FDR park in south Philly near the stadium. Check out the PLUG's webpage. For those of you who weren't there. There is also going to be a hardware swap on the Saturday before the picnic. Unupdated information is available here

CDex author warns of using NeoAudio

[Istealmymusic]

cdex.n3.net has been updated with a message from Alber L Faber:

There is an application called NeoAudio, which is a straight CDex rip off. They changed some string (i.e. replace CDex with NeoAudio), changed the logo and added some nice SpyWare and Adware. I contacted Richard M. Stallman about this issue, but unfortunately I can not do much about it, except for the fact that they are removing/changing copyright strings which they should not. So please do not download and install NeoAudio (they probably make quite a few dollars by shipping the adware) and also advice other people NOT to download NeoAudio either, and warn innocent users not to download this application but download CDex instead.

In addition there is a small but worthwhile discussion over at Freedb. Some Slashdotters have missed the fact that Mr. Faber does not claim NeoAudio violates the license, he is merely suggesting potential users make informed decisions on whether to use CDex or NeoAudio. Logically, there is no reason to use NeoAudio -- it offers no improvements over CDex.

Of course, there's always Exact Audio Copy, which has proved itself in the mp3 scene as the de-facto standard for ripping.

...and the next page

[Ian+Peon]

for those who don't want to sign up for passport (my company uses it - sigh).

Microsoft Communications Protocol Program
NDA Request Form

Complete the form below and click the "Submit" button to request a Non-Disclosure Agreement (NDA) for the Microsoft Communications Protocol Prgoram. You will need to sign and return this specific Prgoram NDA even if your company has signed some other type of NDA with Microsoft.
Required questions are marked with an asterisk (*). Although a DUNS number is not required to request an NDA, it will be required at the time of submission of the signed NDA to proceed through the license process. The information you provide will be retained by Microsoft, associated with your Passport authentication account, and used throughout the license process and for all correspondence in the Program. Subject to confirmation, the NDA will be sent to the address provided on this form.

*Company Legal Name: required

*Company Mailing Address: required

*Company City: required

*Company State or Province: required

*Company Postal Code: required

*Company Country: required

*Phone Area code: required

*Phone Number: required

Fax Area code:

Fax Number:

*Company Contact First Name: required

*Company Contact Last Name: required

*Company Contact Email: required

*Company Type: Corporation Partnership Sole Proprietor Other required
If "Other", enter here: required

*Legal Jurisdiction where Company is organized: required

Company DUNS Number

The D&B DUNS Number is a unique nine-digit identification sequence assigned by the D&B Corporation, which provides unique identifiers of individual business entities, while also linking corporate family structures together. For more information visit www.dnb.com.

Not deleted. Still There.

[----]

Technically, the product was 'updated'.

You can still access the old comments thru this url. http://download.com.com/3302-2140-10132447.html?ob =0&pn=1&fb=2 (378 comments strong)

And if you click on the 'NeoAudio' link in the bar labelled "CNET > Downloads > Windows > Audio > Rippers & Encoders > NeoAudio > User Opinions" you will see this 'update' message.

Once you do this, you will be brought to the new comments section for the updated neoaudio. Which resides on http://download.com.com/3302-2140-10137006.html?ob =0&pn=1&fb=0 (at 32 comments and increasing)

This makes me curious. Can an author of a product on download.com simply erase a ton of bad publicity on it's own by simply releasing minor point releases every couple of days ?

Limewire does that too themselves

[iamr00t]

The LimeWire Basic has some adware.
http://www.limewire.com/

But there's also GPLed source code now (not very easy to compile though).
http://www.limewire.org/

download.com's policy

[Mentally_Overclocked]

Its rather interesting that the comments about the NeoNapster software were removed but CNET services reserve the right to do so. This is the list of their guidelines - so I imagine they figured we were just upset and decided to delete everything.
Guidelines

When sharing your opinion of a product, please observe the following do's and don'ts.

Do's

Do be succinct, accurate, constructive and objective.

Do compare the product to other competing products (or to previous versions of this product) that you've used.

Do provide examples of how the product or its manufacturer did or did not meet your expectations.

Dont's

Don't use offensive language.
Don't submit an opinion of the product if you don't own or have first-hand experience with it.
Don't submit more than one opinion of the product.
Don't submit an opinion of the product if your company makes or resells it, or makes or resells a product that competes with it. (CNET intends to create vendor-response opportunities in the future.)
Don't submit any self-serving, commercial links or comments.
You must be 13 years of age or older to submit personal information to CNET. In compliance with the Children's Online Privacy Protection Act of 1998, CNET is no longer accepting name and e-mail address information from users who are under 13 years of age.

All submitted ratings and written comments become the sole property of CNET, Inc. (CNET) and may be used at CNET's sole discretion. Ratings and written comments are generally posted within two to four business days. However, CNET reserves the right to remove or refuse to post any submission for any reason. You acknowledge that you, not CNET, are responsible for the contents of your submission. [http://download.com.com/1200-20-861626.html]

Re: It's a nefarious trap!

[rickst29]

I'm appalled to see the preceeding post scored as a zero. The M$ program requires a reasonsible business "company", which is antithetical to the Open Software Development model; it appears to require an NDA, which is absolutely 100% incompatible with Open Software; and resulting agreements may very well require per-seat licensing, which is also 100% incompatible with Open Software. (Greedy companies have recently been labeling low cost licenses as "RAND", Reasonable And Non-Descriminatory. But if there is *any* cost at all, it *is* discriminatory and unnaceptable.

Anonymous Coward's fear that this could be interpreted as "available" by US Courts is well-founded. We should *HAMMER* the Court with comments that (1) this program must not be used to place *any* restriction upon the rights of any person or group of persons to reverse-engineer Microsoft System Behavior; and perhaps (2) that to assist in re-establishing a competitive marketplace, Microsoft should be required to release all of this information to the general public, on a website, without registration or even cookies of any kind. (After all, they were found GUILTY. Why is the DOJ acting like the plaintiffs lost the case?)

I previously submitted comments regarding discrimination against Open Software developers in this section of the RPFJ, and they didn't change the wording of the relevant section by a single word. Perhaps the unnaceptable wording in this section was inspired by a large campaign contribution from Micrsoft to the failed Senate campaign of Mr. Ashcroft. In any case, it remains a BIG PROBLEM and the plaintiff attorneys need to hear from us now, in large numbers, with careful arguments. After all, they're supposed to be working for us.

Re:Problem number one... It's a nefarious trap!![B

[sholton]

An Anonymous Coward Wrote:

I see two problems. First, for people who wish to clone a MS program that uses a feature revealed under this program, it makes it easier for Microsoft to prevail in a copyright suit because you'll never be able to establish that you didn't have access to MS code.

You can't prove a negative. It does answer the question a defendent might pose, something like "how did the defendent get access to M$ well guarded secrets?" but it doesn't prove anything by itself.

The second problem is that it weakens your case if you reverse engineer MS code. Courts allow reverse engineering to make competing products when proper documentation is not available. It's possible that even a restrictive and unfair NDA requiring some ridiculous fee arrangement still counts as being available such that you cannot refuse to reverse engineer. I plan to submit a comment to the DOJ about this and I hope others will too.

Perhaps unlikely, but well worth considering anyway.

And for those who read at +1 or better only, now you have the entire comment.

This absolutely stinks!

[ninewands]

Let me see if I understand this correctly ...

I have to agree to the license terms and pay a fee to get the source.

I also have to provide MS with a Dunn & Bradstreet ID number to prove that I'm really a company.

I have to authenticate all my requests via Passport, thus I am required to provide Microsoft all kinds of personal information AND give them permission to use it in any way they see fit.

Finally ... I have to agree to an NDA that I can't read until I receive it, and which PROBABLY, having read Microsoft's various legal docs before, prohibits disclosure not only of the code, but also the terms of the license agreement, before I even get to decide whether I agree to the terms of the license or not.

Thanks Microsoft. You've just done the non-settling states job for them. You have conclusively proven the need for more stringent antitrust penalties against yourself.

I WILL be filing my comments with the DOJ later this morning.