Slashdot Mirror
Tridgell Reveals Bitkeeper Secrets
wallykeyster writes "The Register is reporting on Andrew Tridgell publicly demonstrating how to interoperate with Bitkeeper. During his keynote at the Linux.Conf.Au, Tridgell connected to a BitKeeper site via telnet and used the mostly forgotten "help" tool. Ethical arguments of aside, what really counts as reverse engineering anyway?"
Well, I think it's safe to say that Linus Torvalds is wasting his time on his new RCS, 'git'. He may as well just go ahead and write a BitKeeper-compatible system, since he liked BK so much. Oh, wait. That's morally "wrong". So says the guy working on a clone of the UNIX operating system. Something doesn't quite add up here.
Bethanie: Whore...
Fan Whore
I've just reversed engineered MS Exchange. Here's my demo:
sh-2.05b$ telnet mail.egl.net 25
Trying 208.159.114.4...
Connected to mail.egl.net.
Escape character is '^]'.
220 vmail2.iserv.net ESMTP
help
214 qmail home page: http://pobox.com/~djb/qmail.html
I hope he has something more substantial to back himself up than a weak joke.
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
A man named Johan Mikelson who keeps track of every bit inside his head!
gnireenigne if think geek is to be believed.
but i was modded down for it. assholes.
c id=12301815
http://linux.slashdot.org/comments.pl?sid=146845&
I don't think that this changes much in open source development. Linus has made his decision and i think that this isn't that good for bitkeeper. Many companies are using bitkeeper because linux is/was managed with this tool. Well. We'll see. But well done Andrew. Better than reverse engeneering it in the hard way and "ripping" the secrets out...
chris
Does anyone remember taking thier first radio apart "just to see how it works". This in the most base form was reverse engineering. Personally if you have the resources and the desire, by all means. Find out what makes it tick. The only reason Bit-Keeper is annoyed is because they see a free product competing with thier own. Not yet persay, but in the very near future.
If we don't make light of everything, we are just stumbling in the dark - Blank
Give him back his parent ;-)
He's just trying to karma whore by whining. I bet, if I submitted articles (sans links) that said I got modded down for mentioning the submitted story, I'd get modded up. Even if I was lying. Mod him down and put a stop to this practice.
Any process that lets one reproduce BitKeeper's process. That includes things like protocol, data format, etc.
;-)
If I reverse-engineered BitKeeper and wrote a client, I would expect my client to be able to seamlessly interact with any other BitKeeper client. Sans license, of course
--LWM
One of the reasons BK kept their stuff closed was so they could take accountability if anything went wrong and now exactly how every client was accessing it. That's one of the advantages most managers see with going with a commercial company rather than a OSS solution.
This isn't just copying functionality, it's putting a widely used system at risk because you don't agree with their practices. That's the same philosophy espoused by a lot of virus writers.
You're kidding right? If the BK system is so brittle that it cannot protect itself against a hostile client then it should not be hosting any source code.
If a friendly client (trying to obtain interoperability) can fundamentally break a server, just imagine what a script kiddie would do..
Here is the link.
http://dictionary.reference.com/search?q=per%20se
Per Se.
I've read a few exchanges from the /. crowd, read a few statements by Linus and the gang, have read McVoy's interpretation of the BK saga, and have come to one conclusion:
No one but the three people involved in this fiasco *really* knows what happened to get this situation to the stage where people begin a verbal free-fire in public.
McVoy is a business man; true to his heart, he needs to keep the BK user strung out on his code. Hell, I would feel the same sense of outrage that he feels if someone threatened to kill my cash cow. Don't pretend that every one you wouldn't feel the same way if it was *your* revenue stream. To me, anyone who claims an absolute vow of poverty is looking for a monastery to live in. Everyone I know would fight to protect a source of financial income.
Selfish? You bet. But nature has created more selfish beings than egalitarian ones. Nature favors pragmatism.
But McVoy could have let this one ride a bit more. It is just a matter of time before someone cracks his model. Then he will have to play the same game as Microsoft and Adobe only on a different level. Too bad for him, though, that his inexpensive advertising scheme didn't last. That is another little detail that goes relatively "un-remarked" upon in the various forums I've read. Larry had one of the hottest programmers in FOSS using his SCM. In fact, this Man Of The Year lavished all kinds of praise on his progeny! You would have to pay more than the "free" license fee for that kind of advertising. Shit, probably A LOT more. If Linus had been paid for his endorsements, that could have added up to quite a sum of money. Larry has wisely kept those funds securely in his pocket.
Again, I'd do that too. The monks of this world can keep their vows.
Linus? Well, it was kind of hard to turn down a free license for one of the best SCMs on the market. If I had been in his position, I would have grabbed the product and ran. In fact, I would like to personally thank Larry for helping juice the Linux kernel development. I know SCO has been rummaging around in the Linux closet for evidence that it was their intellectual property that made the kernel advance so quickly. I believe that Larry's BK contribution probably made the significant increase in kernel production possible. Judging from Linus' angst and outrage, I think he believes that too.
But Linus is being a bit thin skinned. Does he believe he is the ONLY programmer that has been burned by relying on a proprietary product for their work? Didn't he listen to all the people who had been telling him about *their* bad experiences with proprietary lock-in? From what I've read in the past, they had plenty of legitimate worries that this was going to happen. I'm sure that Linus knew it would happen someday too. He's just pissed that it happened NOW as opposed to LATER.
Boo hoo, get over it, this too will pass, etc. But why attack Tridgell in public? Hmmm.... That does raise some interesting questions. And why get all bitchy about it?
There is something we are not getting in this little soap opera. Tridgell is silent, probably for good reason. But why would Linus take him to task knowing that he would not be able to respond publicly?
And Perens? This is a slugfest that only Gates, Darl, and RMS would love - all for differing reasons. Why does Perens feel compelled to call out Linus over his treatment of Tridgell?
I thought the points made by some posters about just how Tridgell was sniffing packets to see the metadata protocols is extremely insightful. To have BK protocols running on his network would require that he be operating a client and server somewhere where he could see it, no? What network was he sniffing if he didn't have a license?
What amazes me is that the attempt to get BK's protocols didn't happen *sooner*. With all of the pissing and moaning that erupted when Linus started using BK, I would have thought there would have been someone doing what Tridgell was accomplishing years
"Rocky Rococo, at your cervix!"
These political spats are fun, but realistically speaking, this is degenerating into an episode of "The Simple Life."
Next thing you know, Torvalis will be breaking up with Perens because "well, he knows what he did."
Person 1 liked a tool. Person 2's actions caused the first person to lose rights to his tool. Person 1 vents. Person 3 vents on Person 1. BFD.
Soon, there will be a group hug and an exchange of hair care products. End of story. Welcome to "life in the big leagues of software." Tune in next week, when Person 5 attempts to purchase a voltage regulator.
Just because virus writers have the same philosophy, that doesn't mean reverse engineers are bad. That's a seriously flawed argument.
Also, I believe the kernel source is usually backed up. They'd just have to restore it. And hopefully, if it got hosed, Linus would willingly switch from using BK, because it would prove its inviability as an SCM.
This isn't just copying functionality, it's putting a widely used system at risk because you don't agree with their practices. That's the same philosophy espoused by a lot of virus writers.
If he's careful I sincerely doubt he would do any damage. If he'd prefer to use his own client instead of BK's though I don't understand why he couldn't use his own server as well.
Replace "AIM" with "BK" in the above text, and see if you still believe what you're asserting.
I forget what 8 was for.
I had been under the impression that the Slashdot editors were with the F/OSS faction that Linus must be deposed as lead kernel maintainer for using proprietary software.
Then, I had thought it wasn't such a hot idea for the Register to be publicizing Tridgell's comments concerning his reverse engineering activity. It becomes ammunition (record of statement) which could be used in a civil or criminal prosecution. (U.S. law has become quite murky with anti-hacking laws (pre-Patriot) and the Patriot act.)
But now, Slashdot is doing what it can to publicize Tridgell's comments. Lets hope Tridgell checked with his lawyers before making his little speech.
This seems really out of character for Linus, I suspect that someone in his position practically lists his job title as "reverse engineer". I bet he was pressured by someone(s) to drop bitkeeper and he's pitching a fit as a sign to all of us that something totally crappy happened.
stuff |
I cannot see any justification for the slamming that Tridgell is getting and it's worse that it's coming from a very respected figure, so maybe _I've_ got something wrong here; it's time the ethical argument _was_ tested and debated between Torvald and Tridgell in the open so I can read what both sides really think and I can make up my own mind. Torvald can't be talking c**p but neither can Tridgell - maybe here is a chance for us all to study a very important debate; if BitKeeper would play ball then maybe Tridgell can speak out openly. Hey, maybe even Richard Stallman could get involved (only joking ;)
And rightly so. If BK's server were so insecure, that it allowed a random person write access to the kernel source code, then people should be screaming bloody murder at BK.
One of the reasons BK kept their stuff closed was so they could take accountability if anything went wrong and now exactly how every client was accessing it. That's one of the advantages most managers see with going with a commercial company rather than a OSS solution.
You forgot to cite Windows as proof of how well a commercial company provides a secure operating environment.
Ok, I don't read The Register much, but the titles of the "related articles" caught my eye. Pretty tough to figure out which side they are on:
What if Tridge wrote something that totally hosed the kernel source on BK's server? People would be screaming bloody murder at BK for letting it happen. One of the reasons BK kept their stuff closed was so they could take accountability if anything went wrong and now exactly how every client was accessing it. That's one of the advantages most managers see with going with a commercial company rather than a OSS solution.
Security through obscurity? People are bothering to argue for that on slashdot?
The distributed tools are way more powerful than the centralized systems; so I think it's great to see the Darcs and Monotone groups both interested in the (probably much more performant) Git backend.
(PS: yeah, I know about Arch, but damn that thing's confusing. I'm guessing they borrowed the usability team from clearcase. If you like Arch, it's definately worth checking out Monotone or Darcs. (personally I lean to Darcs because of the cool language it's written in; but like monotone as well)
Isn't that kind of behaviour a crime in many countries?
Am I the only one here who things that real freedom is achieved only when you can tollerate an opposing point of vew?
Why can't BK develop, and sell software under any liscense they choose? Why isn't Linus free to use that solution if he so chooses? Why is it ok for us to rip on the MS type people for behavior that is OK for us to emulate in support of free and open software?
Why is it ok to try and screw BK over, who spent a great deal of money to develop this?
But this is slashdot. A slashdoter who didn't build his own computer is like a Jedi who didn't build his own lightsaber!
Is Tridge the elusive IBM hacker who "hacked" into SCO when the claimed:
"IBM exploited the bug to bypass SCO's security system, hack into SCO's computers, and download the very files IBM has now attached to its motion"
> used the mostly forgotten "help" tool. ... what
> really counts as reverse engineering anyway?"
So, reading the fine manual is now considered reverse engineering... And therefore illegal! Now I can sue anyone who tells me to RTFM!
The DMCA specifically allows reverse engineering for compatibility
;-)
Tell that to Dmitry Skylarov.
--
AC
You can take accountability for a product when it is used according to a contract and not take accountability for it when it is misused. The manufacturer/service provider takes accountability under specific conditions.
Your suggestion that it is necessary to keep the BK protocol closed because the BitKeeper people want to be held accountable is just plain bogus. They did it to prevent competition.
Great troll. In case someone took you seriously, by paragraph: Wrong, wrong, and stupid.
...virus writers
> He was reverse engineering the protocol that BK used on their servers.
No, he was interacting with a world-facing open socket.
> What if Tridge wrote something that totally hosed the kernel source on BK's server?
I have no idea what you are saying. Whose server? Did you mean to ask "If BK has a such a fragile client-host relationship that thou darest not probe its port, why isn't the interface secure/encrypted/more obfuscated?"
> One of the reasons BK kept their stuff closed was so they could take accountability if anything went wrong and now exactly how every client was accessing it.
Accountability? Right, if you mean that it kept their accountants busy. Show me where in their license they accept accountability. Show me any software license where someone accepts accountability. They kept it closed to make money, in which I find no problem whatsoever.
> This isn't just copying functionality, it's putting a widely used system at risk because you don't agree with their practices.
Bullshit. In no way did Tridge put anything at risk other than two egos (L and L). At no point was there any political statement made by Tridge about practices.
>
Har!
Also, you still can't get docs on a whole lot of BIOS stuff which was reverse engineered years ago, because of indefinite-duration contractual obligations.
In any case, certainly, using telnet to type "help" and reading the resulting documentation does not count as reverse engineering. It is instead a form of RTFM/RTFD.
> One of the reasons BK kept their stuff closed was so they could take accountability if anything went wrong and now exactly how every client was accessing it.
Yeah, I know and I think it is bullshit.
Nobody should rely on the client to be nice.
A while ago, any computer running ICQ could simply be shot down by a wrongly formatted package that ICQ would parse and break on it and (in the days of Windows 9x) take the OS with it.
From what I read, BitKeeper has the same problem : a client can completly trash the repository if it doesnt respect the protocol. Which I call slopy design.
I client shouldnt be able to make more damage than the user has rights and HEY! it's a f*cking version control system. I DEMAND that any change done by any client can be reversed easly (after all, this is what I use a VCS for).
For me, it looks like BitKeeper has a HUGE reliability problem in that it relies far too much on clients respecting the protocol and that they cry out that loud to avoid people from looking closer at this design problem.
I have discovered a truly remarkable proof for my post which this sig is too small to contain.
Gee, if Linux/Microsoft is so brittle that it cannot protect itself from a hostile client, people shouldn't use it either.
There is no America. There is no democracy. There is only IBM and AT&T and DuPont, Dow, General Electric, and Exxon
IBM provided the BIOS interface in one manual and the source for the BIOS in another manual.
The source manual couldn't be used without the potential for copyright infringement so people, like Compaq, used the interface manual to create a clean room version.
The linked article demonstrated how Tridge accessed the bk system. He typed 'clone' at it, and it started spitting BK data at him. He dumped that binary data to disk and started munging through it. He was looking at the *on-disk format*, not any "wire formats" other than the one demonstrated with the telnet session. He didn't need to be sniffing anyone's network to do this.
[
And except for IBM, on a small number of machines, for about six months, I don't recall MCA being used by anyone.
Much like the status of EBCDIC doesn't concern me much either. =)
Of course you're right. I was referring to the original IBM PC -- but I had forgotten the BIOS needed reverse engineering.
Lost at C:>. Found at C.
Most BK servers are part of the internet, opening a simple telnet connection to a well known port is no secret at all. If Tridge could corrupt BKs database any blackhat could. There's really no excuse for implementing poor security or none at all in BK. For the benefit of BitMover i assume that they did put proper security in place and safeguarded against accidental corruption of the BK database. Regardless of that your argument is moot.
"By the way if anyone here is in advertising or marketing... kill yourself." -- Bill Hicks
probably not kidding, but i expect the real reason is that first it's the OSS client, next it's the server, then it's bye bye bitkeeper...
Indeed. Imagine, if you will, a Linux-hostile group with some technical ability who wanted to disrupt Linux development. Can you think of a single better way to do this than to screw up the BK repository? This would be one heck of a DOS attack, no doubt accompanied by lots of bad publicity against Linux.
This would've been a lot more effective than Microsoft's SCO lawsuit against IBM; and could be done for just a fraction of the money.
I'm sorry, but the "security through obscurity" argument doesn't work here. And if BitKeeper is indeed as fragile as the creator of it claims, a great service has been done in getting the Linux community to move away from BitKeeper.
Let us hope that Linus' new "git" SCM is much better insulated against a hostile attack.
The best way to predict the future is to create it. - Peter Drucker.
Somehow I imagine this happened before you were wearing long pants--but the IBM PC was an open spec.
Does anyone remember taking thier first radio apart "just to see how it works"...
...and then use that information to build a competing radio?
Therein lies the difference.
Maybe it's the absence of audience laughter cues or something, I don't know, but the irony in Tridgell's demo and in The Register's writeup of it was entirely obvious to me. I had a really good chuckle.
... so Tridgell made his point admirably that there has been a mountain made up out of a molehill of nothingness.
Didn't you RTFA, maybe? Here are the relevant sentences:
Tridgell demonstrated the procedure to disprove accusations that his detractors in the Torvalds/McVoy camp had made against him. Principally, that he was some kind of "an evil genius" reverse engineer.
The demo showed that the work was obviously not reverse engineeering in any real sense of the word, nor was it even remotely describable as "genius" work
And he made us laugh at the same time too. You didn't?
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
The Register doesn't sit on the fence about anything much, they always make a clear stand for or against any major issue.
:-)
It's their hallmark, "Biting the hand that feeds IT".
Pretty much like Slashdot, but without the dups.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
TW to Linus at
If which was the case Tridge would have contacted his lawyer even though he did clearly did nothing illegal w.r.t. bitkeeper, but if Linus has influence with OSDL then he would have needed advice regarding suing for unfair dismissal.
The simplest and most blatantly obvious explanation is that McVoy freaked over and acted like a jerk, then decided to start spreading FUD with a little help from his unexpectedly misguided friend Linus.
Until more information comes out from McVoy, there really is no reason to give him any more credibility than he already squandered. Agreed. But there is no need to make up stories about what must have really happened, when it is pretty clear what did happen.
Akarsz Magyar Gentoo fórumot? Akkor
Well, certainly not that! If that's to be considered reverse engineering -- especially illegal reverse engineering -- then the next question we need to be asking is ``Why is it so hot where we're going and what are we doing in this handbasket?''
Anyone remember when ``HELLO'' and ``HELP'' were the same program? (Extra credit: Anyone remember what OS that's from?) Today's legal climate would probably have anyone issuing ``HELP'' on that OS tossed in jail as a system cracker. (Heck, if ``lynx'' can get you indicted in the UK...)
CUR ALLOC 20195.....5804M
https://sourceforge.net/projects/sourcepuller/
It's one thing to have bugs that can be exploited, another to have an insecure design that really can't be secured. BK wasn't designed back in the nice old days of the net when everyone was friendly like unix / dos. LM should know better.
Give it a rest. BK is buried, the first kernel
release with git is done.
Fucking Register is trying to get some pageviews
by trolling again and again.
For the last time - what Tridge did is legal.
But it screwed Linus over because he used BK
which was the best tool for the job.
Lots of "propritery software is crime against
humanity" dudes are crying "we told you so" the
whole mess would have not happened if only Linus
used a free and blessed software.
But the truth is that there was no free software
which did the job.
If some random client "...totally hosed the kernel source on BK's server...", then I would consider that a serious flaw in the software well worth discovering and fixing. Afterall, what's to say a malicious client isn't trying to do this very thing right now. Or how about some random layer 2 or 3 data corruption which exposes the same issues.
As we've well-learned, in watching cross-site-scripting, buffer overflows, and other attacks - you can never trust the connecting client.
Someone should really reverse engineer BK and publish the results. It would be interesting to find out what all the real problems are with a system that can't handle a rogue client without trashing the repository.
git (GNU Interactive Tools) is a screen-based console "filer" with command line and extreme flexibility and key mapping, etc.
Freshmeat:http://freshmeat.net/projects/gnuinterac tivetools/
Homepage: http://www.hulubei.net/tudor/git/
GNU Page:http://www.gnu.org/software/git/
"I DEMAND that any change done by any client can be reversed easly (after all, this is what I use a VCS for)."
Bitkeeper does that just fine.
I would say "MOD THE PARENT UP" but then i noticed you already were on +5 insightfull :-P
Anyway, good analysis.
Tridgell = Samba = Screws Microsoft = Good
Any questions?
Look at his goddamn UID and read the post again. Then go fuck yourself.
Um, yeah. Buggy clients shouldn't crash servers. This is basic.
Please explain what is illegitimate about reverse engineering Bitkeeper's network protocol in an effort to distribute a free software program which is network-compatible with the proprietary Bitkeeper program.
Digital Citizen
Whopping 4.77 MHz and I could even save programs to my cassette recorder...
Pay no attention to that man behind the curtain.
No, Adobe wouldn't need to reverse engineer anything to make their proprietary software compatible with Nikon's encrypted white balance segment of the raw files. There actually aren't any adverse implications for Adobe in this situation.
Adobe need only negotiate a license for a proprietary binary-only software which they could link into Photoshop or call as needed. Thus, Nikon and Adobe can continue to screw users out of their freedoms and their money while these proprietors retain their secrets.
Please don't forget how Adobe used the DMCA to arrest and detain Sklyarov. The public's real problem with Adobe should center on Adobe treats their users and that they back laws which are unhelpful to the free software community.
Digital Citizen
I have been following this issue for some time now and cannot really avoid the feeling that the issue isn't really in reverse engineering the BK protocols. Real issue lies in the management of the servers and ownership of the server. What other intentions could an open source implementation of BK have other than access their hosted servers?
In my view the service (whatever it is) is owned and regulated by the company or individual who provides the service. In this case the service was free, and everyone was happy about it. Open source client would destroy this control over the service and enable users to access the service without agreeing to the terms of the service. I cannot imagine how any company would allow this kind of behaviour to happen.
What I have understood is that Linus is against reverse engineering something that sole purpose is to circumvent control mechanisms of this kind of hosted service. Maybe it is not illegal as such but it is not morally correct either as the service provider should have control over their service. One could argue it actually is an intrusion to their server and accessing data without permission.
Anyway comparison to SAMBA is a bit odd as the servers SAMBA was ment to access were mostly maintained people whose sole purpose was to share the data with all legal users. There was not one company maintaining gigantic share containing all the shared data in the world.
Actually, Arch is integrating git
Note to mods: read the topic. The content of this post was likely plagarised from somewhere. "#buttes" is some GNAA thing, so that obviously makes it a blatant troll.
If Tridgell was under an agreement not to sniff the network this might have some validity. He says he was party to no agreements about Bitkeeper.
... Standards and Practices !
Anyone can look at packets on the network, it's common ground. Samba was developed precisely this way and if that's all he did with the Bitkeeper packages there is no violation of any damn thing.
PenGun
Do What Now ???
As a couple of people have pointed out, I too found the whole BK thing with Torvalds, exceedingly bizarre.
:-)
:-)
Furthermore, I think cvs has some issues, but the decentralized approach bitkeeper portends, is some sort of super secret to doing offline cooperative source code management?
My whole impression with the excommnication of the kernel source code from cvs, was that they had to totally dump cvs for what reason? Kind harsh, period.
What I couldn't understand is why didn't they design or modify cvs to do disconnected distributed updates with similair capabilities such as BK.
Is it NOT logical, to have a tool with source available to modify should it not do what you need it too do? (i.e. if cvs really was deficient, it is open source so it can be fixed.)
Is that not the whole point to this endeavor we Open Source guys are exercising in our daily professional lives?
Revolting against closed source systems because they break far too easily, can't be fixed without going to jail and are owned by companies who have no interest in solving our problems just creating features to keep the upgrade cash cow machine milking continuously?
Whether we like it or not?
?
Instead, they just totally dumped cvs which manages some of the largest projects on the internet that easily rivals the size scope and complex code base of the Linux Kernel, (Mozilla)
Mozilla developers are pretty happy with cvs, and judging from the results, I use Mozilla everyday.
So why did they dump cvs again?
Something else must be going on here and unfortunately, the true reason why Linus would use BK is probably something he is keeping too himself.
We probably wouldn't like the answer anyway, so I am fine with that.
Just for the record, I am in the camp that thinks it is a fundamental error to architect a piece of software that is open like the Linux Kernel number one, number two being its primary proponent of open engineering practices in general like Linus Torvalds, number three then turn around and close off the technology process that builds it and suggest it is a better way to manage the process than the one your using to build number 1.
WTF?
However, Linus is still my hero.
-hack
Got Geometrodynamics? Awe, too hard to figure out? Too bad.
As a person on the side watching this all unfold, I just want to say thanks Linus and other ass hats making this a soap opera, you've set back linux by at least 1-2 years. Who the hell wants to deal with all this shit, act like businessmen please and not stupid high school kids having a programming spat.
Because it isn't just him who has to use the solution... his acceptance of BK forced other developers to use it as well... sure Linus got a free ride... but I am not sure if any of the other kernel devs were offered the client for Free... and even if they were... what's wrong here is that Linus' free use was conditional on the behaviour of other individuals... how is that free?
That's like you getting a free version of, oh lets say, MSOffice, but if I try to reverse engineer the doc formatting to allow my OOffice to open your docs, they revoke your license... you would be a fool to think you could hold onto the free license under those terms... and so was Linus in this case.
http://www.m-w.com/cgi-bin/dictionary?book=Diction ary&va=performant&x=0&y=0
My other first post is car post.
I now remember why I don't watch soap operas.
Every episode is exactly the same.
Moof.
svk. there you go.
100% distributed, decentralized, and uses subversion.
you're welcome.
This is a slugfest that only Gates, Darl, and RMS would love
I disagree. tdr and djb would love it too.
Upon Googling, I found this link which would seem to indicate that both Tandy and Dell released MCA PCs.
Truer words were never spoken, and I thank you for posting them. Sad thing is the rest of your comment indicates you have set them aside already, or perhaps never had them.
There is absolutely nothing unethical in what Tridge did here, at least insofar as has been mentioned in any of the reporting on this in the past few days that we've both had access to. There is absolutely no ethical obligation to keep an agreement you were not a party to. The rest of your rant assumes facts not in evidence, without any source, and has the definate whiff of BS to me.
In fact, what Tridge has done here is the epitome of ethical behavior. Linus is stung now, understandably disoriented and angry because he's been proven wrong and, being human, his first response is to lash out at Tridge instead of thanking him. Give it a few years though... once his wounded pride settles down I'm sure he will, in fact, thank Tridge for this.
Locking your data into a proprietary single-vendor format for the sake of temporary convenience was never a good idea. Everyone told Linus this, but he was too smart to listen. Now exactly what he was warned about has happened. And it was inevitable all along - if Tridge hadn't done it someone or something else would have - McVoy was a ticking time bomb. The fact that the guy isn't very stable didn't help, but honestly - McVoy could have been a saint and the thing would have still been a ticking time bomb. If Tridges actions resulted in it going off a little sooner than otherwise, then he saved Linus and many others trouble in the long run. Replacing BK wasn't going to get any easier...
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
One of the reasons BK kept their stuff closed was so they could take accountability if anything went wrong and now exactly how every client was accessing it.
Client-side security is no security at all.
Security through obscurity is no security at all.
So let me get this straight... Jeremy Allison, Andrew Tridgell, Gerrald Carter, John Terpstra etc write a tool that reverse engineers Microsoft/LanMan protocols and I am supposed to feel all warm and fuzzy...
Andrew writes a tool to reverse engineer BitKeeper and I am supposed to be pissed???
So, is this a case of "it's okay to do it to MS, just not one of our own"?
I can actually respect McVoy's decision to remove the free client
Good; so should anyone. The owner of any software should have that right.
The SAMBA and BK situations aren't exactly identical
I dont' think so; if a 'free' program causes trouble for the 'official' one it will tarnish the latter. Support requests because of incompatibilities will cost the company producing the original a lot of money. Though I couldn't care less; re is a _valid_ method of gaining control over rights/information which should be public in the first place. If companies would define (and publish) interfaces to interact with their implementation (which may be closed source), we would have far less problems.
On second thought I kind of like staring at binary dumps;-)
...by developing a competing product? Wasn't he also bound by the BK license clause that forbid anyone using BitKeeper from creating something like git?
Pat
Not if Larry revoked the license. Revoking the license removes any restrictions imposed by said license.
For one who read occasionaly the archives of the linux kernel list [URL], it would be obvious as to who McVoy is. An arrogant troll! The worst part is that he thinks that BK is some big thing/invention. And that's exactly what linus is trying to prove with 'git': it's no big deal Larry.
So why did linus use BK in the first place? In my humble opinion linus *used* McVoy and the BK services. McVoy gave them for free, so why not? For as long as it would last. In the meantime somebody would write a free decentralized SCM.
Tridlell? Linus basically didn't wanna piss off larry because larry as a madman he is could pull off the cables and leave the kernel without source. Linus had to avoid only that. And he's not a troll. But Tridell wanted to piss off larry and advertise his reverse engineering skills (gas station owner really look into these things you know)
At the risk of getting modded as redundant I'll say it... for those who don't find this obvious -- Tridgell "reverse-engineering" BK was just an excuse for McVoy to pull back the free version. And this article only makes it more obvious. McVoy just needed to point his finger at someone. And Torvalds just followed McVoy's leads (or vice-versa).
We should all lobby Sun to open source their old TeamWare product. Sun killed it, so it isn't do them much good. It has a lot of the features that BitKeeper does. Not too surprising, given that McVoy worked on it. But we could see just how serious Sun is about open source.
Grandparent:
"If BitKeeper wishes to keep their source proprietary then it is morally wrong."
Parent:
"People should have the "FREEDOM" to..."
Freedom to do what? You do realize that morality necessarily means giving up the freedom to do things (like kill people you don't like etc.).
If people want the freedom to be antisocial with regards to their sourcecode that is fine and people can choose to do so, but that doesn't make it moral*.
*(It also doesn't mean it's immoral, you'd have to read what RMS says and see if his arguement holds, or up with a coutner arguement.)
LWN has the best coverage of this. Sadly, it costs $$$. As it turns out, if you issue an invalid command after telnetting into BitKeeper (for instance, hit enter with nothing else), it shows a prompt where it says "Error --- type help for help". This lists the commands. One of them retrieves the source repository, including all metatags. It's a trivial effort from there to grab the source and look at everything.
I can't believe Larry is threatening to sue (sueing?) Tridge over this. I can't believe Linus is pissed at Tridge. For the first time, Linus is acting like a real asshole (Larry, I'm used to being an asshole).
ESR has zero stature with any of the kernel hackers after the CML2 fiasco. He has very little left with most of the hotshot programmers. He's pretty technically clueless in comparison. ESR is good at bridging the world to business, and so carries weight with journalists, people in the business world, as well as non-programming/barely programming power users. Him standing up to this would do no good. He also doesn't have the guts --- he's a politican, and this would make him more enemies. Perens is the only guy who has the cred and the balls to do this.
How long until Linux goes the way of XFree86?
Gee, if Linux/Microsoft is so brittle that it cannot protect itself from a hostile client, people shouldn't use it either.
Yup. If you don't have the latest patches on either a Linux or Windows machine then you should not have it connected to a network running anything that you rely on.
Company's spend a lot of money keeping up-to-date to ensure that Linux/Windows machines can protect themselves against hostile clients.
Source code from tridge has been posted to FreshMeat. The SourcePuller project is hosted on SourceForge.
"If people want the freedom to be antisocial with regards to their source code that is fine and people can choose to do so, but that doesn't make it moral*."
You see the problem is that I really feel that BitKeepers license was the LEAST free that I have ever seen. I have no problem with them selling software and letting people copy it as much as they want. That is their choice and is no more immoral than any other property rights. It does take time and effort and money to write good software. Where BitKeeper went too far is the "no competing projects" part. I do not know if I would even call that immoral. I will say that I found the price too high.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
MCA was used by IBM up untill 1996-1997 (I dont remember when they went over to PCI exactly) for the RS/6000 (POWERPC) machines they were selling. I believe MCA was first used by IBM back when the PS/2 systems were introduced to the market, this would have been late 80's into 1990.
Well I've wrestled with reality for thirty five years doctor, and I'm happy to say I finally won out over it.
The FSF, which has a very good grasp of American copyright law, maintains that setting conditions for merely running the software is outside the powers of a copyright holder in most circumstances. The early revisions of the Apple Public Source License were criticized on this basis, noting the cruel irony that would result if trying to make a free software license resulted in extending copyright power.
Digital Citizen