Slashdot Mirror
Napster Attacks Open Source Clone
Anonymous Coward writes "In a
letter, the author of a Gnome-based
Napster clone was pressured
to remove distribution of the program due to the fear that
source availability would make the Napster servers less secure [if]
gnap
is not ceased." UPDATE by RM: Ryan Dahl, gnap author, has spoken with Napster, says they've come to a happy understanding, and has removed the "letter from Napster" (and his response to it) from his page. He also tells us that he and Napster are working together on an article for tomorrow, which we eagerly await.
FYI: Letter link is dead/inaccesible.
http://www.gis.net/~nite/
-DAVEO
-matty
and end this before it gets silly, non-issue.
+&x
security through obscurity sucks. those napster lamos should just not bite boners.
once the source is out in one place, people have it, and it spreads...like wildfire...napster cannot win this fight and should just welcome its counterpart. It's hard to stop the spread of source code.
Dan
There seems to be a double standard in a borderline legal product that was created for the sole purpose of piracy (they say it wasn't, but come on, what did they think was going to happen?) complaining because a clone is compromising it's own security.
From the gnap homepage:
1999.11.29
Thank you to all the people that supported me today. The situation was fairly heated for awhile. All I really want to do is code this client. Let me say that Napster (the person) and I discussed this issue completely. He was very resonable and nice when I got to talk to him alone. I hope we can work together to make Napster a good service.
gnap is and will continue to be GPL.
---
He's taken the letter down. He says he spoke with Napster (the author of the program) and the guy was nice and that they're going to work together.
--
Jeremy Katz
What makes some of these companies think that whenever somebody writes a piece of software that exploits the flaws in their software, it's not their fault? This is just like the whole DeCSS business. Big (well, Napster isn't that big in this case) corporates trying to protect their "proprietary" software when the only reason it needs protection is because it's weak. It also seems pretty hipocritical to me when Napster, a company which is basically devoted to assiting people engaging in music piracy, tries to shout the same "it's mine!" call as the music industry. I don't know about you, but this I downloaded the gnap source code as soon as I saw this posted.
There's no reason for a sig here.
Miguel de Icaza's activity log has a link to the irc discussion that the author of gnap had with the people from Napster. I am not sure if this discussion took place before or after he received the letter.
Look at the comments on the main page.
The Napster guy is valid in his assumption that open specs will cause lots of hacking. However, he seems to forget that keeping it closed will not stop hacked clients from emerging. Gnap is proof of this.
If you're going to bombard Napster with email, don't flame. Just indicate that security-through-obscurity simply doesn't work. Any sort of protective measures he wants to do should be done on the servers, not so much the clients which everyone has access to.
I personally would like to see lots of encryption.
I am surprised napster is _suing_ someone instead of being sued. Considering the fact that napster itself barely seems legal as it is, I'm also surprised that RIAA haven't shut napster down yet.
And what exactly would be the harm of releasing the source code for napster? As long as it only transfers mp3s and it is not used to transmit viruses and trojans, it is safe to use. If napster is really serious about protecting its users, it should open up the source and let people work together to fit napster's security problems (if any, surely there's gotta be a bug somewhere) instead of hiding the source, having someone discovering the bug, exploiting the system from three weeks, and then napster respond with a patch.
just my $100/5000
_______________________________________________
There is no statute of limitation on stupidity.
sigh... you should talk to Justin.
Gnot when Gnapster was just getting goood! Gnow the company had to go and pull this shit... goddam give it a break, its gnot like anyone's stealing money from the company, it has no real future except to helpe me pirate my mp3s...
never, apparently. Didn't ICQ teach us that putting 'security' in the client was pointless? Come on, whining because someone released information detailing the protocol(s) used is pathetic. Security through obscurity, client side security, whatever you want to call it.. developers need to understand the plus side of the open source movement, as they will have problems pointed out (and usually solutions presented) by people who care, rather than having the problems unknowingly exploited by some script kiddies.
People seem so quick to hop on the lawsuit bandwagon when the words "reverse engineering" emerge, but think.. Using tcpdump (or similar utilities), I can see what's being transmitted, and work from there. Thinking that your protocols will be kept secret by not releasing source doesn't make sense.
(a bit offtopic)
I'm reminded of one software reviewer's criticism against a windows "firewall" product called "Lockdown 2000". The creators of the product encrypted the executable, but they forgot that it was decrypted and loaded into memory.. just examine the memory with a utility and.. you get the idea. The company later threatened to sue the software reviewer for "cracking" their software (more than likely, fueled by the fact that the software blatantly lied about what it was "protecting" against, which was basically nil).
Let's just remember, something like napster obviously uses networking to communicate.. and as far as I know, sniffing your own system is perfectly legal.
(just my $.02)
--
Why don't they simply let the linux folks pound on it for a while and pick up the (open source) bug fixes?
Otherwise people will just find the 'sploits on their own and, well, 'sploit them.
Security behind compiled code just isn't security.
Roblimo, at least look at the link before you post a story. There's been a number of stories on /. lately that caused a lot of problems for a few people and got a whole lot more people in an uproar simply because the story poster didn't check the linked story properly.
I think that the headline for this story is very very very misleading. This is like the 5th time in the last couple weeks that /. has ramped things up more than they really are. He says specifically that Napster (the person) was a nice guy.. doesn't sound like a threatening attack to me from what I read. Please, try to be an unbiased news source from now on, I'm resorting to ignoring any and all comments from the posters at this point (Especially Roblimo and michael, hemos at least apologized)
I'm not trying to start a flame war,but I hope someone pays attention to this.
Dacels Jewelers can't be trusted.
Well, it turns out that 15 seconds of work AGAIN could have avoided this problem. there is no lawsuit, there never was a lawsuit, and there isn't a problem.
Slashdot - lies for nerds, stuff thats ignorant.
OPEN THE SLASHDOT SOURCECODE OR STOP CLAIMING TO SUPPORT OPENSOURCE.
The author says it will be eventually, but gnap being open source will probably result in it moving forward more quickly than the console client.
Is whether or not it is illegal to utilize "public services" with non-approved access methods. In particular, utilizing public net services. I am of the belief that if you are running a public server on the internet, you cannot expect people to use the client you specify. Imagine if you only had one browser to choose from? The web is a different concept in that it's decentralized, but ICQ is a good example. ICQ has the lion's share of the latest "hot" market, and as much as they'd like to retain total control, I wouldn't appreciate being tied into one client.
If we get to the point where the precedent has been set that public services are within their legal right to restrict which clients are able to connect, we're in a position where competition will be severely stifled.
I'd really like to know if this type of concept already falls under some law, or if its just another grey area in the merging of law and the net.
If services start pulling that, other less restrictive services can emerge and steal away the market with openness. Seems simple enough.
- A.P.
--
"One World, one Web, one Program" - Microsoft promotional ad
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
True, but most are. The goal of most companies is making money at any cost. Evil enough for me, by default I do not trust any company.
//rdj
No one can understand the truth until he drinks of coffee's frothy goodness.
--Sheikh Abd-Al-Kadir, 1587
Actually, the author has decided to never make it open source..
I have removed the logs and emails on the gnap site because they do not show Napster (the company) in very good light. This disision was mine and mine alone.
I had a long chat with Napster (the person, the owner of the company) this afternoon, and we worked everything out.
Many of the gnome developers had a meeting this afternoon (which I didn't join) with napster about this whole issue, everyone learned alot. After reading these logs I feel alot better too.
It turns out that Napster's (the person) request to have me remove the source code, was a request as a person (which didn't come clear across to me) not as a company. After that I wrote a letter back to them saying I would not remove the source. Then Saterday afternoon Napster (the person) his co-worker (?) nocarrier and I had a chat.
To say it bluntly, they were being rude and I was feeling threatened. (I WAS NEVER THREATENED THOUGH)
For about 24 hours the sourcecode was offline, before I decided to email them saying I would not take it off. That was that.
They have no legal case, nor do they want any legal case.
This has all been cleared up hours ago. I will put this on the gnap page.
-- four
1 - Napster owns the servers that the client uses. Period. They provide the servers for use by the client. Any unauthorized client using the servers is just that - unauthorized. This is exactly the same as someone relaying mail through your server that you do not authorize, and they should be equally free to do whatever they wish to make sure that only authorized clients use their servers.
2 - The service is provided without charge to the user. The client is provided without charge to the user. This does not == free, and it does not == public domain. The 'rights' of the users are just that of any other service - use it, enjoy it, if you don't like it, well... in so many words, shove it. I have yet to see someone build a free public domain server architecture and client to do the same, and when they do I hope that all of you will support it with gusto. Until then, you frankly have nothing to complain about. I don't see what is so wrong with using the client provided to you, and if you want to build your own and your own backend and open source it, more power to you.
Not according to the web page... from http://www.gis.net/~nite/ The Open Source Issue Whoops, the plans to eventually open source it are still on, I accidentally editted an old version of the page.
Hm, I don't think I was "ragging on" four but I apologise if it sounded that way.
Instead, I was trying to suggest that Napster had a little PR problem on their hands, and that the way to get out of it was to come open about what happened.
As for /. being important or not: I guess the results speak for themselves. Obviously four thought it was important enough to make him contribute.
The serious issue (if there is one) in this sprawling sub-thread is how to handle PR in the internet age. Obviously nobody are going to comment this deep in a thread, but I think companies have to re-evaluate their PR strategies. If nothing else then they now have to repond much faster to get their message accross (how long before a /. thread goes inactive and none of the posters read it anymore? A day? Six hours? One?).
I guess I'm advocating an Open Source approach to PR: get all the facts out in the open, fast. By all means annotate them and make sure your version of the story gets across. But don't hide or insult your customers by assuming that they can not think for themselves or that they are unable to handle the truth.
This whole story seems to be an example of PR going bad. Apparently everybody are friends now - or at least have a common understanding - but it does not appear like that to the outside world. That's a PR issue. It's not about who is "good" or "bad", "right" or "wrong", but about your company is percieved by your customers. And that is Napster's problem, as I see it. I suggested a way to handle it. Maybe it is not the best way, but it does try to tackle the problem instead of just hiding. And in any case it suggests an approach to PR rather then just a haphazard, ad hoc, inconsistent response.
Hi!
Personally, I think this is really funny. Even if it is all peacefully resolved now, it would be funny if the gnap guy just sent back all of Napster's quoted press in response to the RIAA and changed "music" to "OSS". The Napster releases are like, "It's all about community and sharing." That would be too funny. Anyone know how napster plan to make money, anyway?
As I understand the fear is that hacked napster clients will be able to report incorrectly what mp3's I have availible. But what prevents me from merely creating files of the appropriate size filled with random bytes?
It would appear that it is easier to fool the napster program in such a manner rather than messing with the source. Everyone can make a file not everyone can code a client.
Secondly who are they scared of? Even script kiddies probably have something better to do than falsely posting mp3's. If it is groups such as the RIAA flooding the server to make it unusable....well they could certainly reverse engineer the client just as well as I can.
Thridly while in this case the client seemed to be easily reverse engineerable security through obscurity is not impossible. If you capture a piece of my own private code the fact that you are unsure of the algorithm renders it difficult to decode (Re: those papers supposedly detailing buried gold in virginia where only one has been decrypted). Sure it isn't as secure as a well tested publicly availible algorithm but if your intent is to hide the actions of an algorithm your choices are limited.
Hell if security through obscurity never worked the wine project would be done.
Marriage is the "pseudo-ethics" that cloaks the messy truth of sexuality in the raiment of propriety -- it's "Don't Ask,
Napster has tried to be all corporate now claiming to be an all mighty "silicon valley" company. haha... one day it's a hacker site, the next day it got all corporate... do i here the words portal, .COM, and television commercials soon? yuck... how about i throw up right now on MP3.com valuation and take some of that puke and through it into the future at something as trivial as napster... which i'm sure will puff it's feathers up and hire frat boys who play golf all day so they can IPO within 4 months...
I guess this is a little offtopic (if Slashdot had a general posts board I suppose it'd go there) but I've been seeing a lot of posts criticizing the headings/content/comments of topics lately. People criticizing i.e. Roblimo for "Napster Attacks Open Source Clone" (others come to mind, such as the ID spying post and the Bruce Perens vs. Corel thing).
I just have one thing to say. Grow up.
Slashdot as a media source is not your classic 1/2 hour news jive. It's an immediate source that shows what's being said in the moment, links us to where it's being said, and let's us hash it out on our own. So when it gets wind that something happens, when it gets a link to a rather rude (I take it, I didn't get to read it) email that may be threatening, it is Slashdot's place to post it. Things change, and updates can (and in this case, I expect will) be made. If you don't like it a little raw, what are you doing here in the first place?
Jose M. Weeks
Anyhow, as with most things on the web, I suspect the law is at best unclear. I do feel, however, that the "open door" precedent is valid in this context so I would suggest that it is valid to restrict the clients. (It might be technically hard - or impossible - but that is another matter.)
;-). Webmasters can't/don't restrict access to their servers based on what browser is used (AFAIK), so, by the same token, Napster can't/oughtn't restrict access to their servers based on client.
I agree to the extent that, if it's your server, technically you have rights over it, and so I can see how someone could begin trying to justify the statement that you should be validated in your efforts to restrict access to your server. Isn't this similar to actions in the instant messaging scruffle between Microsoft and AOL? (I seem to recall something about one of them changing protocol so they couldn't connect... err.. I can't remember, but here's a link.) As someone else posted, this situation can also be likened to web browsers viewing pages; there are many different web browsers, but they can all connect to all web pages (unless it's down
Then again, I wouldn't know all the legalities of this, the implications, consequences, etc. I just think, as others have mentioned, that we're all doing about the same thing... why not work together?
Insert mind here.
After using the closed-source Win32 Beta of Napster, I can safely say that it is a buggy little thing. Hopefully all this work that is being done to bring it to open-source will at least get some of the bugs out. And there is always the joy of having such a cool program for Linux.
I've heard a lot of complaints from tons of people about how Napstar doesn't work with their firewall, and how they can't seem to get their hotlist to work. I've experienced the same problems these people describe, but they seem to be intermittent at best. I don't know if it's a Win32 problem, or a Napster issue, but it is definitely annoying. Hopefully with this new open-source version, some, if not all of these problems will disappear faster than they would have if the source had stayed closed.
What we really need, is a distributed form of the napster service. The protocol could be based loosely around IRC.. in fact it might just be easier to sit it on top of the IRC protocol. In any case, its not a terribly complex protocol.. and it would be so much nicer if the servers were distributed. Granted there is the whole speed issue.. but with some caching thrown in it could be pretty decent. We need a completely decentralized file search service ...
oh... and of course.. it'd be much harder for people to squash the service for distributing ~1 TB of mp3s =]
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
I find it amazing so many people are in favor of hacking out a Napster-clone to use their servers. This is what MS did with it's IM, using the AOL servers, and that was completely blasted everywhere (and justifiably in most cases). Yet, now that someone is doing it to the Napster servers it's okay, because it's a Linux clone? Seems to me if using someone's servers is a bad thing, it's a bad thing for everyone, for any reason.
"Information wants to be expensive" - Stewart Brand, the same guy who said "Information wants to be free"
Possibly, a permanent messageboard about Slashdot would serve to reduce the clutter in the news section.
--
Fuck the system? Nah, you might catch something.
Napster is a company whose only source of revenue will probably be banner advertisements on their client (unless they choose to go ugh, portal). By creating an open source clone without banner ads the company is losing impressions and therefore money.
.com startups).
As much as we would like to see people in an altruistic light, Napster as a company needs to make money to stay in business (theoretically, although that is apparantly not the case with today's
Napster is a neat toy and it would be great if they encouraged OS development, but don't be surprised that they don't. They would like to make some cash. Yes, OS software makes money, but the typical OS revenue model doesn't apply in this case (i.e. Napster won't be selling support).
Regardless of what they say about security, cash is what it all comes down to.
Before I get flamed, yes, I know that there is an "official" console based client out there, but I'd imagine that banner ads will be on that too once it goes GUI. And when he does in fact go OS with it, there will probably be some clause in the licence stating that banners will have to still be in there somewhere.
> 3. Remove metamoderation. It was a good idea,
> but how many people activly meta-moderate
> anyway? It's just more time spent not reading
> things that matter.
You mean you *don't* metamoderate? And you're
complaining about poor moderation?
I guess I'm a little dense this morning (and I'm not into ICQ/chat progs and swapping MP3 files) so I have a couple questions...
Several people have mentioned security problems. I'm curious what kind of security problems are involved here? (The only one I can see is the programmer losing control over his protocol, but as I said, I'm a little dense this morning.)
Given that there are security problems, how should they be addressed? Offhand (and not having taken a close look at Napster), the biggest problem I can imagine is there seems to be only one master server for Napster clients, I would imagine a hierarchical arrangement of a few master servers and sub-master servers, similar to Gamespy, would be more efficient (but that's more a performance issue).
Off-topic (but as long as I'm blathering), is there a Linux version or clone of Gamespy.
This is not a sig.
// TODO: fix sig
Thing is, they're doing it in PHP.
Here's where you can find it.
Thing is, it's still the old version. Honestly, I think Rob should be putting out the source more ovten. Perhaps CVS access would be something to try? Yes, I know the code's beta; that's never stopped Open-Source development before.
Just an idea.
Visit me on #weirdness on the Galaxynet.
Exactly my thoughts. This is not meant to really be dis against slashdot, believe me, I have loved slashdot since it was Chips and Dip. There are, however, some serious problems as mentioned by some AC's. One is the things they are posting on slashdot. There is still alot of good articles, but not nearly as good as it originally was. I used to read every slashdot article and every comment associated with it. Now I find that only a few articles a day are even interesting. And lately Slashdot has been posting stories that were posted a year or so ago, like they forgot they were posted (which is understandable I guess, but if the news link is over a year old, at least search the archives). Another big problem I see is the moderators. I am all for moderators moderating comments and such, but I disagree with some of the things they moderate. If anyone questions soemthing about slashdot, or the open source movement, it is considered troll bait and marked down to zero or below. I have seen an abundance of good, intellectual post in the past few months that should no have ever been moderated down. If anything, they should of been moderated up. Slashdot is starting to become like , say a government, someone questions it and they are silenced. No matter how intellectual and how good of apoint they have. And about the issue of open source and slashdot, my sentiments exactly. I have always thought slashdot code should be CVS'ed. Dont get me wrong, I am not open source extremist, but if they are going to open the source, at least give us the most recent versions. Dont open source an initial version, then keep everything private. Thats not open source. I would also like the see the financial records of slashdot open sourced (or content, whatever you feel is appropriate), as in how much Andover paid for Slashdot. Rarely does a company not disclose the takeover/merger price, especially in the internet industry. Anyway, I cant really say keep up the good work Rob. But you have a good site here, I hope it gets better then where its been going.
Jeff Knox
Exactly my thoughts. This is not meant to really be dis against slashdot, believe me, I have loved slashdot since it was Chips and Dip. There are, however, some serious problems as mentioned by some AC's.
One is the things they are posting on slashdot. There is still alot of good articles, but not nearly as good as it originally was. I used to read every slashdot article and every comment associated with it. Now I find that only a few articles a day are even interesting. And lately Slashdot has been posting stories that were posted a year or so ago, like they forgot they were posted (which is understandable I guess, but if the news link is over a year old, at least search the archives).
Another big problem I see is the moderators. I am all for moderators moderating comments and such, but I disagree with some of the things they moderate. If anyone questions soemthing about slashdot, or the open source movement, it is considered troll bait and marked down to zero or below. I have seen an abundance of good, intellectual post in the past few months that should no have ever been moderated down. If anything, they should of been moderated up. Slashdot is starting to become like , say a government, someone questions it and they are silenced. No matter how intellectual and how good of apoint they have.
And about the issue of open source and slashdot, my sentiments exactly. I have always thought slashdot code should be CVS'ed. Dont get me wrong, I am not open source extremist, but if they are going to open the source, at least give us the most recent versions. Dont open source an initial version, then keep everything private. Thats not open source. I would also like the see the financial records of slashdot open sourced (or content, whatever you feel is appropriate), as in how much Andover paid for Slashdot. Rarely does a company not disclose the takeover/merger price, especially in the internet industry.
Anyway, I cant really say keep up the good work Rob. But you have a good site here, I hope it gets better then where its been going.
Jeff Knox
On the other hand, it is /their/ servers, and /their/ service, so they get to dictate who uses it and how it is used. Not unlike AOL dictating who can interoperate with its instant messaging software. Since they have put the time, money, and effort into building the backend they should be able to dictate how it is used. If I provided a service to users, I wouldn't want the possibility of a foreign client disrupting or corrupting that service. In reality, in light of the fact that they give out their own client free, an open-source client probably wouldn't hurt anything, and in fact probably help, since they would gain a rather large, tech-savvy audience (I'd guess geeks have the monopoly on MP3s right now anyway).
How many people who agree they should open up their backend to foreign clients agree that AOL should do the same for MSFTs messager? What if they weren't giving their client away free?
It's 10 PM. Do you know if you're un-American?
I honestly don't give a shit about Karma, and personally think slashdot has been going down hill since I got my user account. I tried to post something relavent and I get flamed for it. I appologise. My next post will be more on topic, and (just to keep on topic) I must add:
I JUST POURED NAKED AND PETRIFIED GNULIX BRAND GRITS DOWN MY PANTS SO J00 Mu57 Ph3@R m3!^%&^%@?
ph1r57 p057!!&(*&(*@?!(!!
PS: The second best way to get Karma is to ask to be moderated down. I'm glad I haven't had moderator access since THAT bullshit started.
---
Who cares? So a handful of Linux freaks use a new client! Big deal.
What prevents someone from extracting the key from a signed binary and using it with their own?
I am one of the Gnomers who has been following this issue, and was also present at one of the irc conversations with the Napster people. I've done a little writeup of the events, which I'm hoping will help set the record straight.
The writeup is here, posted on Advogato. As usual, anyone can read, but posting is restricting to free software developers.
LILO boot: linux init=/usr/bin/emacs
The message has not got through. If security relies on 'closed' or 'secret' code the code is not secure. Only by 'many eyes' who know what they are looking for will any code ever be 'reasonably' secure. "Secure is an aspiration not an achievement."
This moment there are 173 users logged on, which means they has far from as many users as Napster has, even if just counted by server.
The client is neater that Napster, but seriously lacks some vital features that the latter has. And as I stated previously, not many people has found this client. I predict this will change in short time.
The url to the client (hard to find as you cant navigate there from Globalscapes site) is:
http://www.globalscape.com/Beta/cutm x1032b.exe
Else try this: .phtml?id=70
http://www.cybertropix.com/software
Btw: I don't know if it's a result from the /. effect but you could definately notice an increasing number MP3's on Napster following the /. article a few weeks ago...
Hello - its unfortunate that a simple discussion and request by the creator of napster (as an individual) to simply delay the release of client source until a new server (that is in testing phase) was put into place. I was privy to this discussion, and I saw that the concerns were for napster users and the implications of a premature source code/protocol spec release as opposed to any type of oppression. From what I read, there were no threats or imperatives involved - simply involved a request that it be delayed until the proper message/channel flood throttles (among other throttles) were in place. The information in this post regarding "Napster" was very ambigious - the post did not make it clear that it was Napster the person and not Napster, Inc. Its easy to see how an issue of this nature could be blow out of proportion - there are thousands of open source freaks waiting to flip out about how they are being oppressed by the man. The advantages of open source are evident and stem from the fact that vendors are forced to make problematic code a higher priority. This situation seems interesting - the developers were aware of the problem, asked for a bit of time to put the proper fixes into place.
If you poke around the link listed under "slashdot parent andover.net files for IPO", or whatever it is that the link says, you can find this. Looks like around 11 million? But who knows how much more if Andover successfully offers, and the stock price rises.
Slashdot.org Purchase Agreement
Under the terms of the Asset Purchase Agreement between BlockStackers, Inc. and Andover.Net, dated as of June 18, 1999,
Andover.Net purchased those assets of BlockStackers relating to the Slashdot.org web site for 1.5 million in cash paid at closing
and maximum future cash payments of $3.5 million payable over the next two years contingent on the continued employment of
two key employees. Maximum future stock consideration of $7.0 million is payable over a period of two years following this
offering. For the purposes of these issuances, the number of shares of common stock to be issued is determined using an assumed
initial public offering price of $13.50 per share. Thus, the total consideration that will be paid is valued at $8.5 million and the
maximum contingent consideration payable is $3.5 million. All consideration has been or will be paid to BlockStackers. The number
of shares paid is contingent on the continued employment of two key employees and the achievement of performance milestones
relating to traffic on the web site.
*
148,148 shares issuable upon the closing of this offering;
*
74,074 shares issuable seven months after the closing of this offering;
*
49,383 shares issuable 12 months after the closing of this offering;
*
98,763 shares issuable 12 months after the closing of this offering provided that the milestones in the agreement have been
met;
*
49,383 shares issuable 24 months after the closing of this offering; and
*
98,765 shares issuable 24 months after the closing of this offering provided that the milestones in the agreement have been
met.
Pursuant to this purchase agreement, BlockStackers also agreed not to compete with Andover.Net or to solicit its personnel,
customers or suppliers. Specifically, BlockStackers may not compete with Andover.Net, its subsidiaries or affiliates by engaging
in any business that involves a real-time or contemporaneous news web site until June 28, 2004. Prior to June 28, 2001,
BlockStackers may not solicit personnel, customers or suppliers from Andover.Net, its subsidiaries or affiliates. Mr. Malda, a
director of Andover.Net, owns 25% of BlockStackers. Mr. Malda, the President and co-founder of BlockStackers, was a web site
manager of BlockStackers, running Slashdot.org. Mr. Malda continues to run Slashdot.org as a web site manager and editor of
Andover.Net.
Whoops, the plans to eventually open source it are still on, I accidentally editted an old version of the page.
He changed his mind. If he plans to OSS it, I don't know why he doesn't do it from the start.
Switch the . and the @ to email me.
Obviously they're too busy trying to ride the wave they've created to worry about something as trivial as security.
(and yes, before
someone says I'm blowing smoke out my buttocks, I do have the knowledge and experience at writing TCP/IP servers ala MUDs or IRC
servers to write something of this magnitude)
I say you're just blowing smoke.
Prove me wrong.
Marc
WHERE IS THE CURRENT SLASHDOT SOURCE??????????
http://slashdot.org/code.shtml
Please try to stay on topic...
Now that Andover owns Slashdot im sure they have the final say in what to open up and what not to.
I have to return some videotapes...
Thats an ancient version! WHERE IS THE OPEN SLASHDOT SOURCE????????/
As a matter of fact, I am.
Oh, does it now matter what I use the source for? Source code should be FREE, right hypocrite?
WE WANT THE CURRENT VERSION OF THE SLASHDOT SOURCE CODE!!!
--- Just focus on scrapping Windows, 'kay?
Of course not. It's the Racketeering Idiotic Assholes Association.
The moderation system is OPTIONAL, Einstein. Don't set your threshold high and you get to see everybody's comments, not just the SlashDotApproved[tm] ones. And who cares if some twit's post gets moderated up to 5, just don't read the point scores. Matter of fact, There Should Be An Option to turn off moderation points entirely? Maybe there is somewhere, but I don't have the time or inclination to create a login for myself on every single freaking web-based discussion board I read.
-----------
"You can't shake the Devil's hand and say you're only kidding."
I am posting this 2 days after this thread was on slashdot,so it will probably never get read. The point wasnt that I couldnt see comments or what not, its the principle of the thing. I frankly dont care about the moderation system as an object, but the overall principle of censorship of perfectly good comments.
Jeff Knox