Slashdot Mirror
VIA Releases Source To Custom WASTE Client
daten writes "VIA has released the source code to their Padlock SL product, based on the Nullsoft WASTE code previously pulled by AOL. Padlock SL offers encrypted chat, instant messaging and file sharing over a private peer-to-peer network. Unlike WASTE, which is still under active development, the VIA client offers a graphical interface for both Windows and Linux users and simpler configuration."
for those that don't want to fill out the questionnaire
Windows XP Version
Red Hat Verion 9.0
Installation Guide
User Guide
NOTICE OF UNAUTHORIZED SOFTWARE
An unauthorized copy of Nullsoft's copyrighted software was briefly posted on this website on or about Wednesday May 28, 2003. The software was identified as "WASTE" (the "Software") and includes the files "waste-setup.exe", "waste-source.zip", "waste-source.tar.gz" and any additional files contained in these files.
Nullsoft is the exclusive owner of all right, title and interest in the Software. The posting of the Software on this website was not authorized by Nullsoft.
If you downloaded or otherwise obtained a copy of the Software, you acquired no lawful rights to the Software and must destroy any and all copies of the Software, including by deleting it from your computer. Any license that you may believe you acquired with the Software is void, revoked and terminated.
Any reproduction, distribution, display or other use of the Software by you is unauthorized and an infringement of Nullsoft's copyright in the Software as well as a potential violation of other laws.
Thank you.
Nullsoft
If I recall correctly the data sent over the network was encrypted using a very long key generated by asking you to move the mouse randomly for a period of time. Doing this for a minute or so ensures that you get a unique key.
http://almostsmart.com
From the description this is a sample application using their "Padlock" hardware
I can't vouche for Padlock, but I've used WASTE and yes, you need a key, and I believe all transmissions are encrypted. Pretty nice really, has an IRC like client and several other little features. I've tried to convince my friends to stop using my ftp and use WASTE instead (its ideal for groups of 50 people) but they've been slow to follow suite. Maybe I can convince them with this software instead.
I'm a writer, a poet, a genius, I know it. I don't buy software, I grow it.
Yes it can, if the person who released it wasn't authorized to. I can release the windows source under the GPL, but that doesn't mean its valid.
Never mind. Stupid little me found the link _on the front page_ at last.. PadLockSL.src.zip[viaarena.com]...
Checkout VIA PadLock Hardware Security Suite. Their procs have built in AES encryption as well as a very high bitrate Random Number Generator. This allows their 1GHz procs to do encryption an order of magnitude faster than a 2.4GHz P4. So this software just takes advantage of and promotes their hardware.
JOhn
Campaign for Liberty
If whoever put the GPL block there did not have the permission of the copyright owner to license it so, then it isn't worth the electrons it is written on.
I can't take a copy of the leaked Windows code, put a GPL notice at the top of every file, and claim then claim it has been GPLed. AOL owned the source code (because Frankel was an idiot and sold his sole to them), and if they never OKed it to be released, then it is not under the GPL.
AOL/Nullsoft's dispute is with Justin Frankel if they contend the release was unauthorized. But released it was, and it is under the GPL.
IANAL.
If *we*, the persons dealing with the company 'reasonably believe' that the Agent (Frankel) has the authority to enter into the agreement (GPL license) with us, then it is so. The company is responsible to uphold its agreement (where Frankel was the agent).
Posting this nonsense on the web doesnt undo Agent Frankel's agreement with us.
I just got an image of Frankel as Agent Smith in Matrix... hm, nevermind.
VIA makes CPUs (C3), motherboards (EPIA), and graphics cards (S3 UniChrome integrated and DeltaChrome) too! BTW, PadLock is definitely a reference to the encryption engine in their C3 Nehemiah and newer - it means that their 1GHz C3 can murder a x.xxGHz Pentium 4 on encryption, all while barely taking any power. However, as soon as you go to standard integer or floating point, it SUCKS ASS. Integer performance is in the 300-600MHz Celery range, and FP performance is in the sub-300MHz Celery range.
BitTorrent, FTP, HTTP and KaZaa all are used for very different applications. WASTE is used for creating a private, enclosed and secure P2P network. Which of the above apps does that?
Winamp Unlimited covered the complete story yesterday, for those of you who are interested. There are some links/information on there that haven't been mentioned with this discussion.
You can get the source code here....
http://www.viaarena.com/?PageID=401
Have fun!
They say it, but that doesn't make it true. An agent of the company posted the software under the GPL. AOL/Nullsoft's dispute is with Justin Frankel if they contend the release was unauthorized. But released it was, and it is under the GPL.
It doesn't necessarily make it false, either. The GPL's legality and enforceability have yet to be tested in court. Also, Frankel may have been bound by prior contracts which nullify any attempt to GPL any code created while employed. You can't take code someone else legally owns and release it validly under a license of your choosing.
It's really easy to compile Padlock on Mandrake 9.2. First install libqt3-devel, the QT deveoper package. Then, call /usr/lib/qt3/bin/qmake and make, that's all.
WebDAV -- a standard part of Apache 2 -- is the replacement for FTP. It only uses one TCP connection (HTTP extension), goes anywhere HTTP goes, can be used over HTTPS and thus be as secure as you like.
On the client side, it is already supported by KDE (use URLs like webdavs://server/dir/file.txt), GNOME, and MS Windows. There are also a few command-line clients, such as neon.
In Soviet Washington the swamp drains you.
Drifting a little OT, but look to Pynchon's "The Crying of Lot 49", IIRC the muted horn is a logo associated with an underground mail system known as *drumroll* WASTE.
At least the c3 has a hardware random number generator for better encryption. Sadly you need stepping 03 of the Nehemiah core, as I discovered when I got my motherboard and got Linux compiled to use it. I had a 01 stepping so it was no-go. Felt kinda cheated.
(as well as the low-noise really isn't all that lown noise)
"If WASTE's release was unauthorized, you have no rights to do anything with the software. I am not certain what you could be required to do, by law, should you be found to possess a copy."
"Unfortunately, there is no good way to determine whether or not the release was authorized or not. We are currently presuming that it was unauthorized, until we see convincing evidence otherwise."
Here's what I do: Bitty Browser & Andromeda
Not true. You should be able to remove them simply by having members of the network remove that users' public key, then make sure all clients are NOT set to auto-accept broadcasted public keys.
Admittedly, I've never had a need to do this, but In theory it should work.
WASTE is meant for a small, trusted group of peers to be able to share content securely without having to worry about eavesdropping. If you want the latest hot music and warez then this definitely isn't the program you should be looking at.
"If WASTE's release was unauthorized, you have no rights to do anything with the software. I am not certain what you could be required to do, by law, should you be found to possess a copy."
"Unfortunately, there is no good way to determine whether or not the release was authorized or not. We are currently presuming that it was unauthorized, until we see convincing evidence otherwise."
But the thing is, I doubt anybody even cares. The logic in the P2P debate is always "I believe whatever supports my position, and I don't believe anything that speaks against my position."
In this case the FSF themselves say that they are presuming it to be unauthorized, and that therefore others have rights to do anything with the software.
But who cares what the FSF says, right?
Here's what I do: Bitty Browser & Andromeda
The WASTE code in Sourceforge still violates GPL. It still includes a bunch of RSA code that isn't GPL'ed. Some of it is explicitly under a license that is imcompatible with GPL, and the rest simply gives an RSA copyright notice and says nothing about licensing.
By: Hollywood at monkeysvsrobots.com - zonk3r
RE: Nullsoft: NOTICE OF UNAUTHORIZED SOFTWARE
2003-07-23 12:22
so, here's the deal. i've been thinking about this thread a lot and figured it would be good to get an authoritative repsonse from someone 'in the know' about the gpl and law. so i decided to write rms himself and see what his take is on the matter. here's my email to him (7/21):
mr. stallman,
i've got a question for you regarding a certain application of the gpl. first i want to give a little background story to catch you up if you weren't aware of the situation...
you may be aware of an application that was released by nullsoft (www.nullsoft.com), a subsidiary of aol, called waste. justin frankel, author of waste and ceo of nullsoft, released it several weeks ago with its source code licensed under the gpl. however, it seems he didn't have the necessary privilege to do so, and aol forced nullsoft to remove the software and post this notice later in the same day it was released (http://www.nullsoft.com/free/waste/):
NOTICE OF UNAUTHORIZED SOFTWARE
An unauthorized copy of Nullsoft's copyrighted software was briefly posted on this website on or about Wednesday May 28, 2003. The software was identified as "WASTE" (the "Software") and includes the files "waste-setup.exe", "waste-source.zip", "waste-source.tar.gz" and any additional files contained in these files.
Nullsoft is the exclusive owner of all right, title and interest in the Software. The posting of the Software on this website was not authorized by Nullsoft.
If you downloaded or otherwise obtained a copy of the Software, you acquired no lawful rights to the Software and must destroy any and all copies of the Software, including by deleting it from your computer. Any license that you may believe you acquired with the Software is void, revoked and terminated.
Any reproduction, distribution, display or other use of the Software by you is unauthorized and an infringement of Nullsoft's copyright in the Software as well as a potential violation of other laws.
Thank you.
Nullsoft
shortly after the release of the source, several projects started popping up trying to pick up where waste fell short. the one in particular that i have a question about, is this one: http://sourceforge.net/projects/waste/ . in the discussion groups a thread has arisen as to the legality of continuing the project since nullsoft and aol have 'voided, revoked and terminated' any such license it was released under. many people in this thread seem to believe that once a piece of code is released under the gpl, it can not be revoked no matter what. however, in this case the software was released illegally and the gpl was applied to it. it is my opinion that the gpl can't protect someone from this. you can't license something you don't own in the first place. it doesn't matter who the person was that licensed and released it even if they were ceo, if they didn't have the authority to do so (which frankel's contract apparently doesn't give him), then the license is null and void and any further development would be as well. the argument for the opposition is that the licensor can not retract the license (http://www.gnu.org/licenses/gpl-faq.html#CanDevel operThirdParty). in a court case, i don't think that the folks who want to develop on the source would have a leg to stand on since the originator stated, in essence, that the code was leaked and a license was applied to the leaked code which they had no authority to license in the first place.
please take a look at the discussion thread: http://sourceforge.net/forum/forum.php?thread_id=8 96863&forum_id=281189 my posts are under the screen-name 'zonk3r'.
i suppose i feel it is rather naive of them to assume that they can hide behind the gpl and everything will be okay. that enti