Slashdot Mirror
VIA Releases Source To Custom WASTE Client
daten writes "VIA has released the source code to their Padlock SL product, based on the Nullsoft WASTE code previously pulled by AOL. Padlock SL offers encrypted chat, instant messaging and file sharing over a private peer-to-peer network. Unlike WASTE, which is still under active development, the VIA client offers a graphical interface for both Windows and Linux users and simpler configuration."
for those that don't want to fill out the questionnaire
Windows XP Version
Red Hat Verion 9.0
Installation Guide
User Guide
NOTICE OF UNAUTHORIZED SOFTWARE
An unauthorized copy of Nullsoft's copyrighted software was briefly posted on this website on or about Wednesday May 28, 2003. The software was identified as "WASTE" (the "Software") and includes the files "waste-setup.exe", "waste-source.zip", "waste-source.tar.gz" and any additional files contained in these files.
Nullsoft is the exclusive owner of all right, title and interest in the Software. The posting of the Software on this website was not authorized by Nullsoft.
If you downloaded or otherwise obtained a copy of the Software, you acquired no lawful rights to the Software and must destroy any and all copies of the Software, including by deleting it from your computer. Any license that you may believe you acquired with the Software is void, revoked and terminated.
Any reproduction, distribution, display or other use of the Software by you is unauthorized and an infringement of Nullsoft's copyright in the Software as well as a potential violation of other laws.
Thank you.
Nullsoft
If I recall correctly the data sent over the network was encrypted using a very long key generated by asking you to move the mouse randomly for a period of time. Doing this for a minute or so ensures that you get a unique key.
http://almostsmart.com
I can't vouche for Padlock, but I've used WASTE and yes, you need a key, and I believe all transmissions are encrypted. Pretty nice really, has an IRC like client and several other little features. I've tried to convince my friends to stop using my ftp and use WASTE instead (its ideal for groups of 50 people) but they've been slow to follow suite. Maybe I can convince them with this software instead.
I'm a writer, a poet, a genius, I know it. I don't buy software, I grow it.
Never mind. Stupid little me found the link _on the front page_ at last.. PadLockSL.src.zip[viaarena.com]...
Checkout VIA PadLock Hardware Security Suite. Their procs have built in AES encryption as well as a very high bitrate Random Number Generator. This allows their 1GHz procs to do encryption an order of magnitude faster than a 2.4GHz P4. So this software just takes advantage of and promotes their hardware.
JOhn
Campaign for Liberty
VIA makes CPUs (C3), motherboards (EPIA), and graphics cards (S3 UniChrome integrated and DeltaChrome) too! BTW, PadLock is definitely a reference to the encryption engine in their C3 Nehemiah and newer - it means that their 1GHz C3 can murder a x.xxGHz Pentium 4 on encryption, all while barely taking any power. However, as soon as you go to standard integer or floating point, it SUCKS ASS. Integer performance is in the 300-600MHz Celery range, and FP performance is in the sub-300MHz Celery range.
BitTorrent, FTP, HTTP and KaZaa all are used for very different applications. WASTE is used for creating a private, enclosed and secure P2P network. Which of the above apps does that?
Winamp Unlimited covered the complete story yesterday, for those of you who are interested. There are some links/information on there that haven't been mentioned with this discussion.
Via's system requires their hardware security implementations to work.
From the user's guide:
PadLockSL utilizes hardware AES algorithm and random number generator provided in VIA C5P processor. The special characteristics PadLockSL has are outlined as below:
1.2.1 Support running on C5P system and non-C5P system
1.2.2 Automatically detect whether C5P ACE is available or not
If C5P ACE is available, use hardware AES in C5P ACE; otherwise, use software implemented AES when performing AES encryption/decryption
1.2.3 Automatically detect whether C5P RNG is available or not
If C5P RNG is available, use it as entropy source in random number generation routine; otherwise, use the random number generation device provided by linux.
I'm the urban spaceman babe, but here comes the twist... I don't exist
You can get the source code here....
http://www.viaarena.com/?PageID=401
Have fun!
It's really easy to compile Padlock on Mandrake 9.2. First install libqt3-devel, the QT deveoper package. Then, call /usr/lib/qt3/bin/qmake and make, that's all.
WebDAV -- a standard part of Apache 2 -- is the replacement for FTP. It only uses one TCP connection (HTTP extension), goes anywhere HTTP goes, can be used over HTTPS and thus be as secure as you like.
On the client side, it is already supported by KDE (use URLs like webdavs://server/dir/file.txt), GNOME, and MS Windows. There are also a few command-line clients, such as neon.
In Soviet Washington the swamp drains you.
"If WASTE's release was unauthorized, you have no rights to do anything with the software. I am not certain what you could be required to do, by law, should you be found to possess a copy."
"Unfortunately, there is no good way to determine whether or not the release was authorized or not. We are currently presuming that it was unauthorized, until we see convincing evidence otherwise."
Here's what I do: Bitty Browser & Andromeda
"If WASTE's release was unauthorized, you have no rights to do anything with the software. I am not certain what you could be required to do, by law, should you be found to possess a copy."
"Unfortunately, there is no good way to determine whether or not the release was authorized or not. We are currently presuming that it was unauthorized, until we see convincing evidence otherwise."
But the thing is, I doubt anybody even cares. The logic in the P2P debate is always "I believe whatever supports my position, and I don't believe anything that speaks against my position."
In this case the FSF themselves say that they are presuming it to be unauthorized, and that therefore others have rights to do anything with the software.
But who cares what the FSF says, right?
Here's what I do: Bitty Browser & Andromeda
By: Hollywood at monkeysvsrobots.com - zonk3r
RE: Nullsoft: NOTICE OF UNAUTHORIZED SOFTWARE
2003-07-23 12:22
so, here's the deal. i've been thinking about this thread a lot and figured it would be good to get an authoritative repsonse from someone 'in the know' about the gpl and law. so i decided to write rms himself and see what his take is on the matter. here's my email to him (7/21):
mr. stallman,
i've got a question for you regarding a certain application of the gpl. first i want to give a little background story to catch you up if you weren't aware of the situation...
you may be aware of an application that was released by nullsoft (www.nullsoft.com), a subsidiary of aol, called waste. justin frankel, author of waste and ceo of nullsoft, released it several weeks ago with its source code licensed under the gpl. however, it seems he didn't have the necessary privilege to do so, and aol forced nullsoft to remove the software and post this notice later in the same day it was released (http://www.nullsoft.com/free/waste/):
NOTICE OF UNAUTHORIZED SOFTWARE
An unauthorized copy of Nullsoft's copyrighted software was briefly posted on this website on or about Wednesday May 28, 2003. The software was identified as "WASTE" (the "Software") and includes the files "waste-setup.exe", "waste-source.zip", "waste-source.tar.gz" and any additional files contained in these files.
Nullsoft is the exclusive owner of all right, title and interest in the Software. The posting of the Software on this website was not authorized by Nullsoft.
If you downloaded or otherwise obtained a copy of the Software, you acquired no lawful rights to the Software and must destroy any and all copies of the Software, including by deleting it from your computer. Any license that you may believe you acquired with the Software is void, revoked and terminated.
Any reproduction, distribution, display or other use of the Software by you is unauthorized and an infringement of Nullsoft's copyright in the Software as well as a potential violation of other laws.
Thank you.
Nullsoft
shortly after the release of the source, several projects started popping up trying to pick up where waste fell short. the one in particular that i have a question about, is this one: http://sourceforge.net/projects/waste/ . in the discussion groups a thread has arisen as to the legality of continuing the project since nullsoft and aol have 'voided, revoked and terminated' any such license it was released under. many people in this thread seem to believe that once a piece of code is released under the gpl, it can not be revoked no matter what. however, in this case the software was released illegally and the gpl was applied to it. it is my opinion that the gpl can't protect someone from this. you can't license something you don't own in the first place. it doesn't matter who the person was that licensed and released it even if they were ceo, if they didn't have the authority to do so (which frankel's contract apparently doesn't give him), then the license is null and void and any further development would be as well. the argument for the opposition is that the licensor can not retract the license (http://www.gnu.org/licenses/gpl-faq.html#CanDevel operThirdParty). in a court case, i don't think that the folks who want to develop on the source would have a leg to stand on since the originator stated, in essence, that the code was leaked and a license was applied to the leaked code which they had no authority to license in the first place.
please take a look at the discussion thread: http://sourceforge.net/forum/forum.php?thread_id=8 96863&forum_id=281189 my posts are under the screen-name 'zonk3r'.
i suppose i feel it is rather naive of them to assume that they can hide behind the gpl and everything will be okay. that enti