Slashdot Mirror
Slashback: Encumbrance, Silence, Internalization
Different folks, different contributions Dr. Sheueling Chang-Shantz writes:
"Hello, I am the lead researcher/developer of the ECC project at Sun Microsystems Laboratories. I appreciate very much the news you posted on Slashdot regarding 'OpenSSL Gets Cryptography Gift From Sun.'However, your wordings "Sun Microsystems has donated ... developed by Whitfield Diffie ..." seems to be causing some confusion on Slashdot forum. It gave the wrong interpretation that Whit has invented ECC. Sun is definitely making no attempt to claim that Whitfield Diffie has invented the Elliptic Curve Cryptosystem. Technically, neither has Whitfield Diffie developed the ECC technology that Sun has donated to the OpenSSL project recently.
I would appreciate it if you could correct the news before too late.
For clarification, Elliptic curve cryptography was independently invented by Neal Koblitz, Professor of Mathematics at the University of Washington and Victor Miller who was then at IBM.
Whitfield Diffie is Sun's chief security officer who co-invented Diffie-Helman public-key cryptography."
We now go north of the border ...
And further on the topic of that donation by Sun, friscolr writes "In a recent post on misc@, OpenBSD project leader Theo de Raadt states...
OpenSSL is becoming a non-free software project, because the code from Sun contains licenses which invoke patent litigation; the licence on the new code basically builds a contract that says "if you use this code, you cannot sue Sun".
He goes on to say, 'once again, i think it is time to fork OpenSSL.' Thank you, Theo, for always making sure we will have 100% free software at our disposal and for standing by your stated goals."
[Headline redacted] Dotnaught writes "The question of whether British composer Mike Batt's "A Minute's Silence" on the "Classical Graffiti" CD (by The Planets) violated the copyright of John Cage's silent composition " 4'33" " has been resolved in an out-of-court settlement. Batt reportedly paid the John Cage Trust an "adequate sum" (whatever that is). On his site, Batt writes, 'We have now settled the matter of my artless plagiarism of John Cage's silence, by his publishers caving in and us winning! Why didn't I think of that before! We could have saved a lot of time and buggering about, although I must say, the struggle was one of the most amusing disputes I've ever , er, disputed.' Batt may yet have the last laugh. According to the New Yorker, Batt has been busy copyrighting chunks of silence of various lengths other than the four minutes, thirty-three seconds of silence owned by Cage."
Hey, does this guy really work for the government? In response to broadly worded news that the U.S. Department of the Interior was switching to an all-Microsoft computing infrastructure, security architect (and oftc.net honcho) D. Clyde Williamson fired off a well-phrased mail to Hord Tipton, Acting Chief Information Officer for the Department of the Interior. asking for clarification, and urging that the DOI consider advantages of not tying themselves completely to proprietary systems. Tipton's response (posted with his permission) is informative:
"Thanks for your views on the DOI's attempts to standardize operating systems. Whereas it is true we are moving towards enterprise approaches to desktops and operating systems, there will be as you suggest a heterogenous mix at the server level. We have not decided at this point to be 100% Microsoft although that discussion has been entertained. There are certain risks and efficiencies that must be considered regardless of the path taken.Our major concern is interoperability and our current situation is all over the map. Thus standardization is an important step forward for us.
Thanks again for your views.
Hord Tipton
Department of the Interior"
Why relying on a single vendor for such an important aspect of the modern workplace is still considered an "enterprise approach" I'm not sure, but it is certainly true at many companies.
(And just to clarify your point)
That's "at the user level."
They're still leaving the door way open for running different types of servers.
I'm rather impressed at the prompt response of a major player at the DOI. What with all the requests for press he's probably getting, he appears to have a great deal of store set in relatively private "public relations."
Could someone give good, logical reasons? I'm seriously all ears.
What's this Submit thingy do?
Why not? There are advantages to a homogenous environment. Many of these advantages are the same no matter which vendor provides 100% of your systems.
But hey! Let's consider the "alternative": 60 webservers all serving the same site, some running IIS, some running Apache, some running Iplanet. Now, go and maintain all of that.
I work in a very heterogenous datacenter, but all machines of the same type, in the same environment, run the same code on the same platform. The reasons for homogeneity on some level should be readily apparent.
Any sufficiently well-organized community is indistinguishable from Government.
"We have not decided at this point to be 100% Microsoft although that discussion has been entertained. There are certain risks and efficiencies that must be considered regardless of the path taken."
Like or hate their decision, anybody who's ever tried to print from a Linux box to a printer hosted on a Windows machine can sympathize. Technical superiority is fine and all, but ease of use has a larger impact on overall efficiency.
A "heterogenous mix at the server level." could simply mean a mix of NT2000, NT4 and XP. Although one could hope that it really means other manufacturer's systems as well, it doesn't have to.
For the rest of it, it sounds like they still intend to force the desktop to pure MS.
OS Software is like love: The best way to make it grow is to give it away.
Sure, it's a common mistake, but on Slashdot you sign up for your own account. (Do you spell your own name wrong?) It's obvious from the Google results that "Theo de Raadt" is the preferred spelling (31,000 vs 1,800) and there is nothing related to his account that would validate his identity.
I stand by my conclusion.
As the digits of PI have considerable prior art, I would suggest that the digits of another irrational number be copyright. Among other prior art from PiDigits we see:
The page goes on to list some other interesting sequences of numbers and their positions.
A history and discussion of the piece can be found here.
...phil
"For a list of the ways which technology has failed to improve our quality of life, press 3."
Despite fact OpenSSL is so widely used, there exist a project to make GPLed replacement for it - GNU Transport Layer Security Library.
It is useful for all those people, for whom BSD license is not enough free. I think that TLS (the new name for SSL, BTW) library is mandatory for GNU/Operating System. And because of GNU it has to be GPLed - now it means reimplemented from scratch.
I also fear, that it will be binary incompatible with OpenSSL - if so, it wouldn't gain popularity. It should be drop-in replacement.
But we will see - right now you can test it or go and help developing this crypto library.
:wq