Slashdot Mirror


Slashback: Encumbrance, Silence, Internalization

Slashback with two different updates on the donation by Sun of elliptic-curve cryptographic techniques to the OpenSSL project, the state of Microsoftization of the U.S. Department of the Interior, and the strange outcome of Batt vs. the Cage Trust. Read on below for the details.

Different folks, different contributions. Dr. Sheueling Chang-Shantz writes:

"Hello, I am the lead researcher/developer of the ECC project at Sun Microsystems Laboratories. I appreciate very much the news you posted on Slashdot regarding 'OpenSSL Gets Cryptography Gift From Sun.'

However, your wording "Sun Microsystems has donated ... developed by Whitfield Diffie ..." seems to be causing some confusion on the Slashdot forum. It gave the wrong interpretation that Whit has invented ECC. Sun is definitely making no attempt to claim that Whitfield Diffie has invented the Elliptic Curve Cryptosystem. Technically, neither has Whitfield Diffie developed the ECC technology that Sun has donated to the OpenSSL project recently.

I would appreciate it if you could correct the news before it is too late.

For clarification, Elliptic curve cryptography was independently invented by Neal Koblitz, Professor of Mathematics at the University of Washington and Victor Miller who was then at IBM.

Whitfield Diffie is Sun's chief security officer who co-invented Diffie-Hellman public-key cryptography."

We now go north of the border ... And further on the topic of that donation by Sun, friscolr writes "In a recent post on misc@, OpenBSD project leader Theo de Raadt states...

OpenSSL is becoming a non-free software project, because the code from Sun contains licenses which invoke patent litigation; the licence on the new code basically builds a contract that says "if you use this code, you cannot sue Sun".

He goes on to say, 'once again, i think it is time to fork OpenSSL.' Thank you, Theo, for always making sure we will have 100% free software at our disposal and for standing by your stated goals."

[Headline redacted] Dotnaught writes "The question of whether British composer Mike Batt's "A Minute's Silence" on the "Classical Graffiti" CD (by The Planets) violated the copyright of John Cage's silent composition "4'33"" has been resolved in an out-of-court settlement. Batt reportedly paid the John Cage Trust an "adequate sum" (whatever that is). On his site, Batt writes, 'We have now settled the matter of my artless plagiarism of John Cage's silence, by his publishers caving in and us winning! Why didn't I think of that before! We could have saved a lot of time and buggering about, although I must say, the struggle was one of the most amusing disputes I've ever, er, disputed.' Batt may yet have the last laugh. According to the New Yorker, Batt has been busy copyrighting chunks of silence of various lengths other than the four minutes, thirty-three seconds of silence owned by Cage."

Hey, does this guy really work for the government? In response to broadly worded news that the U.S. Department of the Interior was switching to an all-Microsoft computing infrastructure, security architect (and oftc.net honcho) D. Clyde Williamson fired off a well-phrased mail to Hord Tipton, Acting Chief Information Officer for the Department of the Interior, asking for clarification and urging that the DOI consider the advantages of not tying themselves completely to proprietary systems. Tipton's response (posted with his permission) is informative:

"Thanks for your views on the DOI's attempts to standardize operating systems. Whereas it is true we are moving towards enterprise approaches to desktops and operating systems, there will be as you suggest a heterogenous mix at the server level. We have not decided at this point to be 100% Microsoft although that discussion has been entertained. There are certain risks and efficiencies that must be considered regardless of the path taken.

Our major concern is interoperability and our current situation is all over the map. Thus standardization is an important step forward for us.

Thanks again for your views.

Hord Tipton
Department of the Interior"

Why relying on a single vendor for such an important aspect of the modern workplace is still considered an "enterprise approach" I'm not sure, but it is certainly true at many companies.

30 of 201 comments

  1. At the client level by Dancin_Santa · · Score: 3, Informative

    It makes a lot of sense to have everyone using the same operating system at the user level. Standardize the OS, disallow unapproved app, device, driver installation, and use an OS that doesn't require extensive training.

    Heh, you'd think they'd go with Mac.

    1. Re:At the client level by mmol_6453 · · Score: 4, Interesting

      (And just to clarify your point)

      That's "at the user level."

      They're still leaving the door way open for running different types of servers.

      I'm rather impressed at the prompt response of a major player at the DOI. What with all the requests for press he's probably getting, he appears to have a great deal of store set in relatively private "public relations."

      Could someone give good, logical reasons? I'm seriously all ears.

      --
      What's this Submit thingy do?
    2. Re:At the client level by Anonvmous+Coward · · Score: 5, Insightful

      "Heh, you'd think they'd go with Mac."

      I know you meant this sarcastically, but you inadvertently touched on an interesting point: The more interest you have with your computer, the more efficient you'll become with it.

      I'm really good with Windows. Always have been. But when I got my first job as an animator, they put me on an Alpha station running NT 3. (yes 3... or was it 3.52 or something like that? All I remember is that the interface resembled Windows 3.0, and I was used to 95.) My boss suggested I find some plugins for Lightwave and get them installed. But I was afraid to mess with this thing! Not only was the interface really different, but it also had an entirely different processor. If it had been NT4 (Umm.. not quite sure if NT4 was ready to go then...) I would have been pretty comfortable in playing with it. Why? Because I used Windows 95 at home and the interface was similar. I had a pretty good idea of what I could do with it and not feel like I'm going to break it.

      My point? Well, it's safe to assume most of the people there have a Wintel PC in their house. If the computers they use at work are Wintel as well, they'll be more comfy with it. No matter how good an OS is, it is difficult to support somebody whose unfamiliarity with their system makes them scared to mess with it.

  2. I'm speechless by Greyfox · · Score: 5, Funny
    The fact that you can copyright silence renders me speechless.

    But only for 2 minutes.

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

    1. Re:I'm speechless by phil+reed · · Score: 3, Interesting
      You ought to know that the John Cage piece 4'33'', which is the length of the piece of silence, is actually made up of 3 movements of 30 seconds, 2 minutes 23 seconds, and 1 minute 40 seconds. The score consists of an appropriate number of pages of (empty) music, and the performer is to signal the end of each movement.


      A history and discussion of the piece can be found here.

      --

      ...phil
      "For a list of the ways which technology has failed to improve our quality of life, press 3."
  3. Everyone must post by PD · · Score: 4, Funny

    I have copyrighted the act of NOT posting on Slashdot. If you don't post, you're in violation. If you don't post twice, you're OK. I haven't copyrighted that. As far as I know, that one's under the GNU copyleft.

  4. Re:Yeah, right by EvanED · · Score: 4, Insightful

    Right on! They should be 100% *nix! Why don't they see the light?

    Facetiousness aside, they're considering it because they should investigate all the alternatives. 100% MS is a viable option, albeit a poor and risky choice for most applications, but a choice nonetheless. One should investigate all the alternatives before coming to a conclusion.

  5. Re:I hereby claim the copyright on... by Anonvmous+Coward · · Score: 5, Funny

    "I hereby claim the copyright on......all posts not submitted regarding this article."

    Plagiarist!

    Every word this person said has been written before! Here..

  6. Re:Yeah, right by susano_otter · · Score: 5, Interesting

    Why not? There are advantages to a homogenous environment. Many of these advantages are the same no matter which vendor provides 100% of your systems.

    But hey! Let's consider the "alternative": 60 webservers all serving the same site, some running IIS, some running Apache, some running Iplanet. Now, go and maintain all of that.

    I work in a very heterogenous datacenter, but all machines of the same type, in the same environment, run the same code on the same platform. The reasons for homogeneity on some level should be readily apparent.

    --

    Any sufficiently well-organized community is indistinguishable from Government.

  7. This man is not who he claims to be by delta407 · · Score: 5, Informative

    FYI, according to the OpenBSD site it's "Theo de Raadt", not "Theo DeRaadt".

    Don't believe me? Check this user's posting history, Theo's personal homepage, interviews, or mailing list posts.

    1. Re:This man is not who he claims to be by delta407 · · Score: 3, Interesting

      Sure, it's a common mistake, but on Slashdot you sign up for your own account. (Do you spell your own name wrong?) It's obvious from the Google results that "Theo de Raadt" is the preferred spelling (31,000 vs 1,800) and there is nothing related to his account that would validate his identity.

      I stand by my conclusion.

  8. no need to fork OpenSSL by plcurechax · · Score: 5, Informative

    In the cryptography mailing list, it appears that Theo may not need to declare jihad on licenses he doesn't like.

    According to Ulf Möller there will be a patch made before the next release to isolate the ECC code in case of patent concerns. The ECC code can be included or excluded based on a configure flag like the present RC5 and IDEA algorithms which are still patented in various parts of the world.

    Apparently the patent claim is an additional optional provision that companies can use the Sun code under a truce against lawsuits if they agree to not sue about ECC patent infringement either.

    1. Re:no need to fork OpenSSL by stebilad · · Score: 5, Insightful

      According to Ulf Möller there will be a patch made before the next release to isolate the ECC code in case of patent concerns. The ECC code can be included or excluded based on a configure flag like the present RC5 and IDEA algorithms which are still patented in various parts of the world.

      Compile-time flags already exist to turn on and off ECC code in OpenSSL - they are OPENSSL_NO_EC, OPENSSL_NO_ECDH, and OPENSSL_NO_ECDSA. Additionally, there's a compile-time flag to turn on or off the code that is allegedly encumbered by Sun patents and a compile-time flag to turn off code that might be encumbered by another company's patents.

      Furthermore, this is not new to OpenSSL nor to the crypto world in general. Lots of algorithms included in OpenSSL are covered by patents, RC5 and IDEA being prime examples. The OpenSSL license and most other open-source licenses only give you rights to copy and distribute the code, not necessarily to use it. Just as it was illegal to use RSA cryptography in the United States before Sept. 2000 without licensing it from RSA Security, so too is it illegal to use RC5 without licensing it. The OpenSSL license does not and cannot grant you those rights.

      The Sun provision is there to grant users additional rights. As the previous poster indicates, it allows you to use any algorithm that Sun has a patent on in the context of OpenSSL and be free from threat of patent infringement lawsuit provided you don't sue Sun over a related issue.

      Is it reasonable for Sun to ask you not to sue them for code they gave away for free in return for not suing you? That's a business decision you make when you decide to use OpenSSL code.

      Is it reasonable for Sun to say you can use the encumbered code in the context of OpenSSL but not in other contexts (like a hardware accelerator)? Under US law, they've got the right to do that. Whether you agree with patents or not is a different argument.
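A check for the three compile-time flags named in the comment above, as an added example that is not part of the original thread or of OpenSSL. It assumes the flags appear as `#define` lines in a build configuration header such as opensslconf.h; the function names are hypothetical and the sample header is constructed.

```shell
#!/bin/sh
# Added example: report which EC-related OPENSSL_NO_* macros a header defines,
# so a build can be audited for whether the EC code was compiled out.

EC_FLAGS="OPENSSL_NO_EC OPENSSL_NO_ECDH OPENSSL_NO_ECDSA"

# Print, one per line, each EC flag that the header at $1 defines.
ec_flags_defined() {
    for flag in $EC_FLAGS; do
        # Accept "#define X" and "# define X". The name must end at whitespace
        # or end of line, so OPENSSL_NO_EC does not also match
        # OPENSSL_NO_ECDH or OPENSSL_NO_ECDSA.
        if grep -Eq "^[[:space:]]*#[[:space:]]*define[[:space:]]+${flag}([[:space:]]|\$)" "$1"; then
            echo "$flag"
        fi
    done
}

# Exit status 0 only when all three flags are defined in the header at $1.
ec_fully_disabled() {
    [ "$(ec_flags_defined "$1" | grep -c .)" -eq 3 ]
}

# Constructed sample header (not taken from any OpenSSL release): ECDH and
# ECDSA are switched off, while the OPENSSL_NO_EC line is commented out.
write_sample_header() {
    cat > "$1" <<'EOF'
#ifndef OPENSSL_NO_ECDH
# define OPENSSL_NO_ECDH
#endif
#define OPENSSL_NO_ECDSA
/* #define OPENSSL_NO_EC */
EOF
}

sample=$(mktemp)
write_sample_header "$sample"
echo "EC flags defined in sample header:"
ec_flags_defined "$sample"
ec_fully_disabled "$sample" || echo "EC code is still at least partly enabled"
rm -f "$sample"
```

The match is line-based, so a `#define` sitting at the start of a line inside a multi-line comment would still be counted; preprocess the header first if that matters.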

  9. Sympathy... by Anonvmous+Coward · · Score: 4, Interesting

    "We have not decided at this point to be 100% Microsoft although that discussion has been entertained. There are certain risks and efficiencies that must be considered regardless of the path taken."

    Like or hate their decision, anybody who's ever tried to print from a Linux box to a printer hosted on a Windows machine can sympathize. Technical superiority is fine and all, but ease of use has a larger impact on overall efficiency.

  10. Re:Yeah, right by delta407 · · Score: 3, Insightful

    Yes, but he was arguing for interoperability, not consistency. I'm all for consistency, whether it be M$ or *nix. Of course there are advantages to a homogenous environment, but if you go homogenous Microsoft, you're tied to Microsoft, period.

    If you run *nix, you can use NFS or a variety of new network filesystems. If you run Windows, you get SMB. But wait -- there's Samba for *nix that lets Windows speak its own little proprietary protocol and interoperate with *nix servers. *nix can speak Windows, but not vice versa.

    If you run everything on Apache, you can host your sites on Linux, Windows, Solaris, FreeBSD, what-have-you on a variety of different architectures. If you host on IIS, you're stuck with Windows and the very limited number of platforms it supports. Apache runs on Windows, IIS does not run on *nix.

    If you write your website in PHP, you can use it on a variety of Unices on a variety of different platforms. If you write for ASP dot NET, you're stuck to Windows 2000+ on x86 (and whatever else Redmond feels like supporting). You can run PHP on Windows, but not vice versa.

    So... tell me, which is the more flexible solution? Which delivers more interoperability? The open, freely extendable system or the closed and proprietary one? That's why I pointed this out as a no-brainer; it is.

    (And yes, I know about Microsoft's UNIX tools, but it's a moot point.)

  11. Say what? by Kwil · · Score: 3, Funny

    A seven second fart?

    The heck with violating copyright, that sounds like it violates physiology.

    --

    That Jesus Christ guy is getting some terrible lag... it took him 3 days to respawn! -NJ CoolBreeze

  12. An adequate sum by wfmcwalter · · Score: 5, Funny
    Batt reportedly paid the John Cage Trust an "adequate sum" (whatever that is)
    Apparently Batt gave the Cage Trust a suitcase full of no money.

    --
    ## W.Finlay McWalter ## http://www.mcwalter.org ##
  13. silence by Satai · · Score: 5, Insightful

    Ok, this is important to me. Yeah, it sounds stupid that the suit was over silence - but what it really was about was that he credited Cage as an author and did not pay the estate. THAT caused the problem. Even Sonic Youth did a track of silence and didn't get sued - because they didn't have the cavalier audacity to credit someone else without checking the ramifications.

    So how about we stop making fun of the situation? Cage's estate isn't at fault here. That guy shouldn't pull such stupid shit.

  14. Well then... by Eric_Cartman_South_P · · Score: 3, Funny
    ...I'm not posting, just to prove a point! Oh wait... shit...

  15. You can't copyright that by hayden · · Score: 5, Funny
    It's not a piece of work and so can't be copyrighted. It's a method and so needs to be patented.

    Email me for a licence on "Method and apparatus for disseminating a plurality of absence of content via online bitching servers".

    Thanks.

    --
    Nerd: Derogatory term typically directed at anybody with a lower Slashdot ID than you.
  16. Re:In other news by cei · · Score: 3, Funny

    Uh huh. The infamous "Seven Seconds of Silent but Deadly..."

    --
    This sig intentionally left justified.
  17. Re:In other news by Tablizer · · Score: 4, Funny

    I have copyright on various lengths of passing gas.

    Well, your lawyers are welcome to stick their face near my ass to inspect the duration.

    Waiter, another Burrito Grande, please.

  18. Re:copyright of pi by Bishop · · Score: 4, Interesting
    PI is an infinite sequence of non-repeating numbers. Every finite sequence of numbers can be found within the digits of PI. It may take a while to find your finite sequence, but it is there. This is similar to how all finite numbers are contained within infinity.

    As the digits of PI have considerable prior art, I would suggest that the digits of another irrational number be copyright. Among other prior art from PiDigits we see:
    The National Energy Research Scientific Computing Center maintains a web page in which binary-encoded words (with a = 1, ..., z = 26) can be looked up in the first 4 billion digits of pi.
    The page goes on to list some other interesting sequences of numbers and their positions.
  19. Batt's settlement by rsidd · · Score: 4, Informative
    Batt reportedly paid the John Cage Trust an "adequate sum" (whatever that is).

    He paid them a six figure sum.

    1. Re:Batt's settlement by dmiller · · Score: 3, Funny

      It should have been $000000

  20. Re:New Business Model? by Tablizer · · Score: 4, Funny

    1. Copyright 3, 5, 7, and 14 question marks.
    2. ???
    3. ?????
    4. ???????
    5. ??????????????
    6. Profit!!!

  21. Something to look forward to by Lucas+Membrane · · Score: 3, Informative
    See:

    http://www.angio.net/pi/piquery

    Not only does every possible finite sequence of bits occur in the bits of pi, it occurs an infinite number of times. It's all there: directions to Jimmy Hoffa's grave, the human genome, the lost works of Shakespeare, MPEG's of Gallmer and Bates doing the unspeakable, a bug-free release of Windows 2010, JPEG's of those court and military records Bush won't release, MS-DOS 1.0 with Gary Kildall's Easter Egg still in it, everything! An infinite number of times! Find it. Post it here.

    1. Re:Something to look forward to by Hard_Code · · Score: 3, Funny

      Well, the MPAA and RIAA better get their drones up to Congress to ban pi.

      --

      It's 10 PM. Do you know if you're un-American?
    2. Re:Something to look forward to by hysterion · · Score: 3, Informative
      Ahem. From D. Bailey and R. Crandall, On the random character of fundamental constant expansions, Experimental Mathematics 10 (2001), p.276:
      "Even the weaker assertion that every finite digit string appears in the expansion has not been established, to our knowledge"
  22. enterprise approach by novarese · · Score: 3, Informative
    Why relying on a single vendor for such an important aspect of the modern workplace is still considered an "enterprise approach" I'm not sure, but it is certainly true at many companies.

    Ah, grasshopper, you've just labeled yourself a novice. The reason you're not sure why that's considered an enterprise approach is that you have no experience with enterprise-class operations. You can get a vendor to agree to all kinds of massive price reductions on hardware and, more-importantly, the margin-laden services contracts, by agreeing to standardize your entire operation around their products.