Yes. The GPLv2 is compatible with DRM and so-called "tivoization".
However, it is still a violation of the GPLv2 to impose additional licensing restrictions. For example, Apple's license prevents you from installing the software on more than 5 devices, and it prevents you from modifying the software and running the modified version.
The freedom to modify the software and run the modified version is one of the fundamental rights granted by the GPL, so the App Store is clearly violating the license.
Well I for one am glad this is over and Google understands what it did is wrong and nobody will try something like this again.
I'm glad this issue got some public attention, and everyone learned a valuable lesson (which should already have been obvious): reading other people's wi-fi is wrong.
Now I can go back to setting my router to no encryption and be safe in the knowledge that nobody will read the passwords and bank details I will inevitably send in the clear.
And to add further insult, his example of "why open systems don't always win" is Microsoft's DRM. That's your example of an open system? You're equating an open source operating system which anyone is free to install on any device to a system which prevents people from listening to music they have purchased?
"The first thing most of us think about when we hear the word 'open' is Windows"
Wow. As stupid as that sounds, I think this is a very dangerous statement. Jobs isn't just missing the point here. He's stealing our words. He appears to be saying "don't focus on open vs closed, focus on fragmented vs integrated." But he isn't really saying that. He's redefining "open" as "fragmented" and "closed" as "integrated". He's de-valuing all of the advantages of an open platform and summarising the entire paradigm with the word "fragmented".
Sadly, when it comes to tools for doing the circumventing, these are broadly banned, even where some limited uses might be legal. This appears to set up a situation in which an ACTA signatory could allow people to bypass DRM to make backups or exercise fair use rights, but could not allow distribution of the tools to help them do it.
That right there is the reason why we have to fight it. If they say "it's legal to circumvent DRM, but not to distribute tools to do it," then we'll have no ability to do so. We can circumvent DRM today, but only because other people have collaboratively written software to do so. This is equivalent to passing a law which says "it is legal to toast bread, but illegal to sell a toaster."
(Sorry to the US citizens who already have the DMCA... I'm in Australia and we have enough problems without this to deal with.)
Best way to check if you've made an improvement over an existing system: "Cheswick hasn't performed any usability tests to see how the average Internet user might respond, but anything's better than the current system."
Wow, leaving aside the stupidity and inconvenience of using maps as passwords (sure, there's enough entropy, but shoulder-looking kills it, and it would take much longer to enter a password than with a text-based one), the entire article seems to centre around the concept that this will solve the "multiple passwords" problem.
"Online passwords are tedious, and it seems like too many websites require one"... "I hate creating a new password for every website where I keep even a scrap of personal information". Seems like the two issues are entirely orthogonal. How is this going to help you with that problem? Either you're going to have to remember dozens of map locations for dozens of websites (same as passwords now), or you're going to have just one location for all sites, and be vulnerable to the same problem as having one password.
My solution is to use SuperGenPass, so I have one master password, but it generates a different password for each site, without storing passwords anywhere. There's also LastPass, which I haven't used, but it looks like a nice strong client-side-encrypted cloud-stored password database.
Well, it's time for GOG2.0 and... Slashdotted. Damn!
For what it's worth, I thought this was a pretty clever advertising move, and am not at all offended by it. Servers go down all the time for no reason. This one had a reason -- marketing. So what?
The worst part, as far as I'm concerned, is how they made such a huge deal over this when, judging by the videos, it's really not a major improvement. GOG already had all the features we need, and it worked really well. Adding social networking and a Facebook "Like" button doesn't really add much value.
I agree, and I am almost completely happy with my N900. Unfortunately, with the announcement of MeeGo, and that it won't run (officially) on the N900, it looks to me like it's now all but a dead product, and will never have any more apps written for it.
Frankly with all this moving about between Maemo and MeeGo, I have a feeling it's safer to buy an Android phone at this point.
We have routinely asked Adobe to show us Flash performing well on a mobile device, any mobile device, for a few years now. We have never seen it. Adobe publicly said that Flash would ship on a smartphone in early 2009, then the second half of 2009, then the first half of 2010, and now they say the second half of 2010.
Umm... I'm holding in my hands a mobile device which shipped in the second half of 2009, which runs Adobe Flash 9 right out of the box, at reasonable speeds (some slowdowns, but overall runs without any jitters) -- the Nokia N900.
Am I missing something (is my phone not classed as a "mobile device?") or is Steve completely bullshitting?
My dream is that JavaScript is replaced by an assembly language.
If nobody is actually writing code in this extremely high-level language, then why do we have a high level language? If JavaScript is to be the assembly language of the next decade, then the whole "RISC is better than CISC" has been MASSIVELY inverted -- JavaScript is WAY higher up the CISC scale than x86 assembly.
The way we are going, we'll have high-level languages compiling into another dynamic, possibly higher-level language (JavaScript) which is then optimised to hell and back by the client, which is stupid and not perfect. It is absurd that GWT compiles (relatively) efficient, static Java into completely untyped dynamic JavaScript and then Chrome is forced to optimise it again -- poor Google are forced to completely round-trip the code because the standards are sucky.
I hope that one day soon, JavaScript will be replaced by a platform-neutral source-language-neutral object code (possibly Parrot) which already allows for optimisations.
I think that was Randy's point -- by requiring people to use Steam to play their games, Valve slung-shot Steam to #1 distribution service. The "unfair" thing is that they are both a game producer and distribution service for all the other games.
The curses interface you see in the demo was just a silly demonstration that anyone can write their own Wave client, since it's an open protocol. I'm not sure if they'll release the curses interface, but it wasn't a serious client, just a demo.
The point is, you aren't tied to Google's web interface, because sooner or later, someone will write a Wave client for you, no matter your taste (curses, desktop GUI, mobile, etc).
5.5 Questionable patents and legality status. US Linux users cannot play many popular audio and video formats until they purchase appropriate codecs.
Entirely true. So?
What do you think you're buying when you pay for Mac or Windows? Part of the costs go towards paying patent trolls. Give away an operating system for *free*, but require a small fee to pay off the patent trolls, and suddenly the OS has "questionable patents and legality status."
#8 is THE reason to use Ubuntu. apt-get install is the killer app for Ubuntu. Being able to install virtually *any* application I want to try out in ten seconds is something which you can't live without once you've had it.
Also the apt system is authenticated using public key technology, and automatically tracks dependencies and keeps all applications up to date.
The Windows eco-system of searching for software using Google, downloading untrusted EXE files and installing them without any peer review OR authentication (and of course hoping it's not spyware), THEN having each application keep itself up-to-date; it's just laughable. It's pathetic.
I'd argue Ubuntu *is* ready for *everyone*. I've waited a long time to say it. I held my breath in 2005, 2007, even 2008, but it's now a consumer-grade operating system. It's *far* easier to use than Windows, and I mean for normal people too. The only problem is market share and developer support (legitimate problems, I'd agree).
So how are legit users supposed to get around all the shitty DRM products with a limited number of installs, like Spore and Mass Effect and Adobe CS4?
Not Microsoft's fault, but it highlights the stupidity of a growing body of products which assume normal users never need to wipe their OS (or, only ever do it once or twice), when in reality it has to be done all the time.
So... it's unfair on Apple that we are only hearing one side of the story. Maybe if they wanted us to hear their side of the story they'd, ya know, speak?
So basically this doesn't tell the difference between an encrypted drive and a blank drive, it tells the difference between a pure random drive and a blank drive.
That is, out of the following three possibilities:
1. Default/blank drive, possibly non-random. 2. Drive written over with pure random bytes. 3. Full disk encryption.
This tool can tell the difference between 1 and {2,3}, but it can't tell the difference between 2 and 3. That should still give you plausible deniability then, because there's the possibility you've written over your drive with/dev/random, and there's no way (in theory) for any tool to distinguish between that, and TrueCrypt.
Slashdot Mirror
Yes. The GPLv2 is compatible with DRM and so-called "tivoization".
However, it is still a violation of the GPLv2 to impose additional licensing restrictions. For example, Apple's license prevents you from installing the software on more than 5 devices, and it prevents you from modifying the software and running the modified version.
The freedom to modify the software and run the modified version is one of the fundamental rights granted by the GPL, so the App Store is clearly violating the license.
That's precisely why it's a violation of the GPL.
Well I for one am glad this is over and Google understands what it did is wrong and nobody will try something like this again.
I'm glad this issue got some public attention, and everyone learned a valuable lesson (which should already have been obvious): reading other people's wi-fi is wrong.
Now I can go back to setting my router to no encryption and be safe in the knowledge that nobody will read the passwords and bank details I will inevitably send in the clear.
And to add further insult, his example of "why open systems don't always win" is Microsoft's DRM. That's your example of an open system? You're equating an open source operating system which anyone is free to install on any device to a system which prevents people from listening to music they have purchased?
"The first thing most of us think about when we hear the word 'open' is Windows"
Wow. As stupid as that sounds, I think this is a very dangerous statement. Jobs isn't just missing the point here. He's stealing our words. He appears to be saying "don't focus on open vs closed, focus on fragmented vs integrated." But he isn't really saying that. He's redefining "open" as "fragmented" and "closed" as "integrated". He's de-valuing all of the advantages of an open platform and summarising the entire paradigm with the word "fragmented".
$13,000 is still a lot more than $5,000, so the point is still valid.
That right there is the reason why we have to fight it. If they say "it's legal to circumvent DRM, but not to distribute tools to do it," then we'll have no ability to do so. We can circumvent DRM today, but only because other people have collaboratively written software to do so. This is equivalent to passing a law which says "it is legal to toast bread, but illegal to sell a toaster."
(Sorry to the US citizens who already have the DMCA ... I'm in Australia and we have enough problems without this to deal with.)
Best way to check if you've made an improvement over an existing system:
"Cheswick hasn't performed any usability tests to see how the average Internet user might respond, but anything's better than the current system."
Wow, leaving aside the stupidity and inconvenience of using maps as passwords (sure, there's enough entropy, but shoulder-looking kills it, and it would take much longer to enter a password than with a text-based one), the entire article seems to centre around the concept that this will solve the "multiple passwords" problem.
"Online passwords are tedious, and it seems like too many websites require one" ... "I hate creating a new password for every website where I keep even a scrap of personal information". Seems like the two issues are entirely orthogonal. How is this going to help you with that problem? Either you're going to have to remember dozens of map locations for dozens of websites (same as passwords now), or you're going to have just one location for all sites, and be vulnerable to the same problem as having one password.
My solution is to use SuperGenPass, so I have one master password, but it generates a different password for each site, without storing passwords anywhere. There's also LastPass, which I haven't used, but it looks like a nice strong client-side-encrypted cloud-stored password database.
Well, it's time for GOG2.0 and ... Slashdotted. Damn!
For what it's worth, I thought this was a pretty clever advertising move, and am not at all offended by it. Servers go down all the time for no reason. This one had a reason -- marketing. So what?
The worst part, as far as I'm concerned, is how they made such a huge deal over this when, judging by the videos, it's really not a major improvement. GOG already had all the features we need, and it worked really well. Adding social networking and a Facebook "Like" button doesn't really add much value.
http://www.bash.org/?454203
also you will find that maemo on the N900 is soon to undergo a change in that it will be going MeeGo - in a sense.
it's still going to have the debian based maemo under the bonnet and then the Meego UI.
Full on MeeGo is Fedora under the bonnet
Not from what I've read -- the opposite. It's going to have the Fedora-under-the-bonnet MeeGo core, but retain a Maemo-5-like UI on top.
I agree, and I am almost completely happy with my N900. Unfortunately, with the announcement of MeeGo, and that it won't run (officially) on the N900, it looks to me like it's now all but a dead product, and will never have any more apps written for it.
Frankly with all this moving about between Maemo and MeeGo, I have a feeling it's safer to buy an Android phone at this point.
Umm... I'm holding in my hands a mobile device which shipped in the second half of 2009, which runs Adobe Flash 9 right out of the box, at reasonable speeds (some slowdowns, but overall runs without any jitters) -- the Nokia N900.
Am I missing something (is my phone not classed as a "mobile device?") or is Steve completely bullshitting?
My dream is that JavaScript is replaced by an assembly language.
If nobody is actually writing code in this extremely high-level language, then why do we have a high level language? If JavaScript is to be the assembly language of the next decade, then the whole "RISC is better than CISC" has been MASSIVELY inverted -- JavaScript is WAY higher up the CISC scale than x86 assembly.
The way we are going, we'll have high-level languages compiling into another dynamic, possibly higher-level language (JavaScript) which is then optimised to hell and back by the client, which is stupid and not perfect. It is absurd that GWT compiles (relatively) efficient, static Java into completely untyped dynamic JavaScript and then Chrome is forced to optimise it again -- poor Google are forced to completely round-trip the code because the standards are sucky.
I hope that one day soon, JavaScript will be replaced by a platform-neutral source-language-neutral object code (possibly Parrot) which already allows for optimisations.
I think that was Randy's point -- by requiring people to use Steam to play their games, Valve slung-shot Steam to #1 distribution service. The "unfair" thing is that they are both a game producer and distribution service for all the other games.
The curses interface you see in the demo was just a silly demonstration that anyone can write their own Wave client, since it's an open protocol. I'm not sure if they'll release the curses interface, but it wasn't a serious client, just a demo.
The point is, you aren't tied to Google's web interface, because sooner or later, someone will write a Wave client for you, no matter your taste (curses, desktop GUI, mobile, etc).
Entirely true. So?
What do you think you're buying when you pay for Mac or Windows? Part of the costs go towards paying patent trolls. Give away an operating system for *free*, but require a small fee to pay off the patent trolls, and suddenly the OS has "questionable patents and legality status."
Thank you. Excellent post.
#8 is THE reason to use Ubuntu. apt-get install is the killer app for Ubuntu. Being able to install virtually *any* application I want to try out in ten seconds is something which you can't live without once you've had it.
Also the apt system is authenticated using public key technology, and automatically tracks dependencies and keeps all applications up to date.
The Windows eco-system of searching for software using Google, downloading untrusted EXE files and installing them without any peer review OR authentication (and of course hoping it's not spyware), THEN having each application keep itself up-to-date; it's just laughable. It's pathetic.
I'd argue Ubuntu *is* ready for *everyone*. I've waited a long time to say it. I held my breath in 2005, 2007, even 2008, but it's now a consumer-grade operating system. It's *far* easier to use than Windows, and I mean for normal people too. The only problem is market share and developer support (legitimate problems, I'd agree).
Uh, try randomly access each frame, skip the commercials, no copy protection....
This comment brought to you by the MPAA.
So how are legit users supposed to get around all the shitty DRM products with a limited number of installs, like Spore and Mass Effect and Adobe CS4?
Not Microsoft's fault, but it highlights the stupidity of a growing body of products which assume normal users never need to wipe their OS (or, only ever do it once or twice), when in reality it has to be done all the time.
I bet you're feeling pretty bad about this comment now, eh?
"prior art in patents that were enough to force a company to settle out of court (for fear of legislation)"
I think you mean litigation.
So ... it's unfair on Apple that we are only hearing one side of the story. Maybe if they wanted us to hear their side of the story they'd, ya know, speak?
So basically this doesn't tell the difference between an encrypted drive and a blank drive, it tells the difference between a pure random drive and a blank drive.
That is, out of the following three possibilities:
1. Default/blank drive, possibly non-random.
2. Drive written over with pure random bytes.
3. Full disk encryption.
This tool can tell the difference between 1 and {2,3}, but it can't tell the difference between 2 and 3. That should still give you plausible deniability then, because there's the possibility you've written over your drive with /dev/random, and there's no way (in theory) for any tool to distinguish between that, and TrueCrypt.