Slashdot Mirror


User: Sun

Sun's activity in the archive.

Stories: 0
Comments: 785

Comments · 785

  1. Re:FRAUD on Security Hole In TCP · · Score: 1

    See how it says "truly random" for many many of them

    Welllll, not exactly. NT 4 is labeled "A trivial joke". Solaris 2.6 is no better.

    This problem is still affecting a large percentage of the OSes currently in use.

    I do agree that hurrying to the press with this is publicity hogging (karma?).

  2. Re:OEM Pre-registration on Security Of Windows/Office XP Activation Code? · · Score: 1
    Two notes that are generally unknown.
    1. There is an actual difference in the software used to preinstall Windows on your system between "Mom & Pops" and the big OEMs. The big OEMs use a tool called "OPK", while the smaller ones are limited to something called "DSP". With the NT variants, the major difference is the license.
    2. Which brings me to:
    3. It's the OEMs that wanted the recovery CD. There used to be a "windows companion" CD, which was the entire Windows install minus the setup program. An SVP for PackardBell (may it rest in peace, please) once said to me that he is forced to ship the companion CDs, and for all he cares, he would glue it to the bottom of the computer.
    The OEMs want to give you the recovery CD, because it saves them a fortune in support. Blame them, not MS (in this particular case).
  3. Re:The reason? on The Impact on Open Source of Stolen Microsoft Code · · Score: 1
    Actually - the TradeSecret law states (and IANAL) that you are not allowed to use or redistribute any trade secret that you have obtained illegally, or that you know or should have known was obtained illegally.

    For exactly the same reason we keep pushing the opinion that the CSS "trade secret" was not obtained illegally, and therefore is not prohibited from being distributed, we must not look at the Windows source code, should it be made available.

    Any piece of information there can be regarded as a trade secret. It was not reverse engineered. It was not released by MS. It was stolen!! This means - read that, and you are bound by trade secret laws not to redistribute the information. If this information is, in any way, useful for a project you are working on, you are screwed. No one, not even you, can now claim that you have not taken any idea from the MS sources.

    In short - leave it be. Don't touch it.

  4. Re:Do we know what actually happened yet? on The Impact on Open Source of Stolen Microsoft Code · · Score: 1

    Actually - a firewall should have prevented the attacker from exploiting the open port for taking over the computer.

    A firewall, if present, and if the attack indeed came from the outside, should still have stopped it. The question is valid.

  5. A Device for Exercising and Controlling a Dog on Enter The 'Stupid Patent Tricks' Contest · · Score: 1
    Abstract

    An apparatus or device, made of strong flexible material, such as leather or a metal chain, that connects to the dog's collar (see US patent 6,024,053, as well as various European and other patents), or any other device hanging around the dog's neck, and enables a human or similar to limit the area in which the dog may be.

    The device can be used, with slight changes, on other pets and creatures, as long as the weight of the pet does not exceed the weight of the wielder, or the roles may reverse.

  6. Re:Rejected story on Who Controls The Linux Media ? · · Score: 1

    In Israel, the right wing party, and prime minister Binyamin Netanyahu, kept claiming throughout the elections in which Netanyahu won that the media was against him (personally). These allegations were never seriously denied by anyone.

    The end result was that, even though current prime minister Barak isn't particularly worse than the late PM Rabin was, the media does not turn the blind eye on things Barak does, that it used to for Rabin (both from the labour party).

    The moral? Shouting about it, showing it, saying it, bitching about it etc. can help. Netanyahu may have paid for this with his position, but Israel now has a much more balanced (in my view) media than four years ago.

  7. Re:Packard Bell on 1.21 Quickiewatts · · Score: 1
    *And* the name's not exactly retired yet in the UK - there's a machine in my local Currys.

    Disclaimer - I work for a company called GTek Technologies Ltd. My company did business with Packard Bell up until the day it died. We still do business with NEC in Japan.

    The brand name they sell in Europe is a variation (slight) on the brand names they sell in Japan (where I don't know of any Packard Bell sales at all).

    Get this - They actually sell quite well. They are reported (I haven't checked myself) to produce systems people are quite happy with.

  8. Re:You can go further with secret sharing. on The Ultimate Weapon Against Censorship? · · Score: 1
    The problem with secret sharing is that (at least in all the systems i've heard of) all the shares need to be created along with the secret

    Actually - this is not true. What's described here is PRECISELY secret sharing. This scheme is n/n (meaning you need all blocks to reconstruct any meaningful information), but is still secret sharing.

  9. Re:OpenH323 on Free Software Voice Over IP Solutions? · · Score: 1
    • Control data is transmitted in binary form - most widely used protocols are based on ASCII (FTP, HTTP, SMTP)

    Now, I am not sure about that, but I am pretty sure. HTTP and FTP, both, allow 8 bit connections. With SMTP the protocol didn't want to assure that, so 7bits are recommended (but not required). Once 7bits are used, the overhead isn't significantly bigger than the 7/8 bandwidth limitation you impose.

    Do correct me if I'm wrong.

  10. Re:*but with the wrong letter!* (slightly offtopic on Our Attorney's Response To Microsoft · · Score: 1

    Actually - paper wrapped licenses, and email wrapped licenses, are being used.

    I have a friend who works for CheckPoint. He read me his email over the phone. I emailed him a short notice, verifying that it was the right email.

    I cannot tell you his reply, because it had an automatic confidentiality addon, saying:
    A. The opinions expressed may not reflect the official CheckPoint line, but rather those of the writer.
    B. The entire email is a confidential property of CheckPoint.

    I will hint to say his reply contained no issues not raised within my email.

  11. Re:parts? on Windows Source Code Proposal Confirmed · · Score: 1

    MS already has a licensing policy, where companies can get a hold of their source code. It is expensive, hard to get into, hard to get parts of the code, and above all, requires non-disclosure.

    I think that even if they, by some miracle, allow OpenSource projects to get the source (and I doubt that will happen, as the source will be accompanied by an NDA, almost for sure), they will not allow you to actually copy their source into yours.

    This means that, best case, you will be able to dissect what the undoced APIs do, and then rewrite them, but not copy a nifty and quick blitter routine into your code.

  12. Re:Loophole? on Kerberos, PACs And Microsoft's Dirty Tricks · · Score: 1

    WOW!!! Stop right here!!! You all realize that MS views that as a trade secret. We all think this is silly - but that's not the point. If you want to find a way to get the info without agreeing to the license, that's fine. If not - don't intentionally be negligent. If not out of respect for the law, at least because the "Other" guys read these comments as well. I think it is totally legitimate to try and find out what the protocol is. I, for one, am not going to download it, or do anything else that binds me by their license. If anyone else feels like trying to find out what it is without pressing "I agree", or getting it from someone who doesn't care about the law, feel free to email me. I have just stopped reading these comments. Shachar

  13. Re:hrmm Just one question.... on Handmade Encryption Challenge · · Score: 1

    You don't need to send 99% of garbage. One time pad (true one time pad, the type you are describing) is fully invulnerable to cyphertext only attacks, and to attacks in which you know some of the plaintext. This is, of course, if the information source is 100% random.

    You can come close enough by encrypting with almost random data, but then it's more a question of "how good is your pseudo random generator", rather than "how good is one time pad".

    One more note - with one time pad, the key length is identical to the plaintext length, making it a not very strong encryption in terms of key length/encryption strength ratios. Nothing close to DES/3DES/Blowfish/Serpent etc.

    In fact, it is so weak that if the key length is very short (say, square root of the plaintext, which is still very long), an English text is vulnerable to cyphertext only attacks (which are much less likely with DES, even if you don't use CBC).

    Shachar.

  14. Re:so now we get to see if it works... on John Carmack Enforcing the GPL on Quake Source · · Score: 1
    Does anyone suppose this could make UCITA a legal de facto.

    No, as far as I understand the UCITA is stating certain things that are automatically enforceable in a software license type agreement. Some people thought it necessary, as there are obviously some things that are not enforceable.

    For example, does anyone argue that this license will not hold up in court:

    By clicking "I agree", you are obliged to send 20% of each of your salary for the next two years to the author's account.

    Licenses are the only ways an intellectual property holder can protect her intellectual property, while still distributing it. This includes restricting copying (or restricting copying restriction). Whether that includes restricting reverse engineering, or any other part, is a matter of law and interpretation. This is what the UCITA is there for.

    No one (except some Slashdotters?) is disputing the actual legitimacy of placing a license specifying what the copyright holder allows done with her copyrighted material. The dispute is over what the copyright holder can specify.

  15. Re:Kinda Off Topic Re:jeeze... on Borland C++ Now Free-as-in-Beer · · Score: 1

    just because the user probably doesn't need or want the source code, it is okay to be taken away.

    While undoubtedly true, a commercial product given for free does not owe you anything. If they choose to give you something for free for specific reasons, I don't think bitching about it not being open source is the right thing to do.

    Just my 8 agorout (roughly two cents)

  16. Re:Yes and to add another on Microsoft Says Windows More Reliable Than Sun · · Score: 1


    I have not studied for MCSE, and don't have the title. My knowledge about the MCSE is from people whom I interviewed.

    I actually think the MCSE has quite a bit of "other" OSes. Not enough to make you administrate them (it is, after all, a degree in administrating MS servers), but enough to know they exist if you didn't before.

    Asking that an MCSE graduate know how to administrate Unix is like asking that an arts graduate know how to solve a differential equation. Some will know how, but you don't expect the degree they acquired to teach them that.

  17. TCO vs. Initial cost on Microsoft Says Windows More Reliable Than Sun · · Score: 1

    As far as I understand this, TCO also includes training and setup. If you deploy 100 near identical machines, your TCO is going to have an initial cost component that is by FAR higher than deploying a new machine.

    That said, it seems to me that the more servers of the same kind you use, the more the initial cost is going to be a factor. This, not counting startups and such, where people are cheaper than cash (you don't have the cash to pay for the servers now, but you pay people with options).

  18. Re:VMWare *is* There on Microsoft Plans Media Player for Linux? · · Score: 1

    I'll add to that that Microsoft seemed to have been beta testing their OSes on VMWare.

    I don't know what version of VMWare, but it shouldn't matter.

  19. Summary (If I understand correctly) on Preliminary Injunction Issued in DVD CCA Case · · Score: 1
    Here goes,

    Good points:
    • You are allowed to link to the stuff
    • Reverse engineering is, generally, allowed
    • No damages
    • The defendants are not prohibited from talking, criticizing, cursing, playing golf, or otherwise changing anything but the actual material publishing


    Bad Points:
    • It is assumed that the original hacker pressed "I agree" on the license agreement.
    • The disrespect the defendants showed proves that they were aware it was illegally obtained if it was illegally obtained


    Generally, the injunction was given just because it would hurt the plaintiffs more if it would not be given than the defendants to give it.
  20. Re:Anyone remember Benny Hill airport security ski on New Body Scanners Installed In Airports · · Score: 1

    Sorry for the dry reply, but Benny Hill died a few years ago, leaving his fortune to two women, one of them paralysed (as far as I recall, I am a bit hazy about this).

  21. Re:Windows 2000 Not Out Yet on Server Uptimes Ranked · · Score: 1

    49 days ago, RC3 was released. And that's close to the final release..

    While of course being true, you still can't buy Windows 2000 at your neighbourhood computer store. Unless you are on some sort of early notification, you cannot be running production Windows 2000 servers yet.

    It is not fair to complain that a system's uptime is less than x days, when that system has not even been out of beta that long, much less available to the public.

    FYI - Windows 2000 was RTM (released to manufacturing) less than two weeks ago. It will only be available in the stores in the middle of February. These are the facts of life when dealing with non-freely downloadable software.

  22. WinCE Compatibility on Linux Handwriting Recognition · · Score: 1

    > Just think, you could probably add compatibility for both Palm apps and Wince apps.

    What makes you think that writing WinCE API is going to be any easier than writing the Win32 API, a project which WINE is working at for some years now?

    I am positive that there is more than one aspect of the WinCE OS that is being done without documentation (I can tell this by simply looking at the things done, compared with what the documentation claims is possible).

    Shachar

  23. Re:... on White House Web Page Cracker Faces Prison · · Score: 1

    That depends.

    If the 40000$ damages were, even if in part, a result of the White House sysadmins updating security, you can't really attribute that to his crime.

    Charging me for the fixing of a security hole I exploited is ridiculous. The hole is there whether I broke in or not.

  24. Re:Barred from other markets? on Interview: Ask Antitrust Experts About Microsoft · · Score: 1

    I don't believe that punishing MS's down putting of other people's innovation by stopping them from innovating is a good idea. The idea is more competition, not less.

    I think that releasing the Windows source code under NO license at all will be an interesting solution. This way, if you want to make a Windows clone, you can do it in a few secs (just recompile). But you will have to price it accordingly.

    I think the GPL is too restrictive for such a thing. Let everyone choose their own licensing mode (which you can, if the code is license less), and let free competition dictate the result.

    If you do that, let MS keep their entire rest of the applications (Office, IE, VC, etc.)

    Shachar

  25. Re:Let 'em sue you first on What to do when your Domain is Threatened? · · Score: 1

    I beg to differ. You cannot answer them that you are not infringing their copyright, without first checking whether you are infringing their copyright. Otherwise - they have your response in court, and you have committed to a defense line.

    Consult a lawyer. Ask the users of your domain for contributions. If they are not afraid to lose the domain, they will leave (and you have no reason to defend the domain to begin with). If they are using it, they should participate in the effort to defend it.