This is (according to my personal wisdom) why DOS got ahead of the Mac to begin with...
Suppose that the market was 50/50 Mac/DOS. Each Mac requires about 1/5 as much support. This means that the DOS universe supports about 5 times as many consultants as the Mac universe does,
Along comes a computer newbie who is sure that computers can improve his/her business. This newbie goes out and finds a random computer consultant. Even though the market is 50/50 Mac/DOS, the probability of getting a DOS consultant is 5/6 -> 83%. Guess what system the DOS consultant is going to argue for?
This pushes the market even further against the Mac, and thus the death spiral starts. This also explains why Mac users seem to be so downright pendantic about their support of the Mac... They don't understand why so many consultants seem to be suggesting that users go to DOS when it's clear that the Mac generats less work for the consultant.
(sounds obvious when I put it that way, doesn't it?)
Um, not to be a Microsoft apologist or anything, but at least in the case of MSBlast, they
DID fix the problem.
Problem is, although they may have fixed the problem, lots of people didn't trust the fix. Microsoft updates have a bad reputation for sometimes making systems more unstable than not installing them. As a result, many a sane admin has learned to isolate updates until they have a chance to test them.
Linux, on the other hand, is well-defined enough that most people really can trust their non-critical system to untested updates, and the need to test updates for critical systems is usually limited to the installation with wierd software that is specifically documented to only work with their own version of certain packages. Even then, users would still have access to the source code and the ability to (hire someone to) roll their own patches if they were desperate enough.
If Microsoft updates had a reputation for rock-solid stability, this problem wouldn't be anywhere near as bad as it is.
Linux running IIS(!)... My guess is that they're using Linux for a firewall. (It's not like Microsoft would trust Windows to something like that.) It might even be an embeded box running Linux being used to protect/support their server farms.
Actually pointing the DNS to 127.x.x.x really doesn't do much. While it does point it back at itself, the SYN flood isn't strong enough to take itself out.
Precisely. causing the worm to start a SYN flood against itself is not going to do anything, but it will still cause the worm to think that it has succeeded in it's mission. You don't want to take out the worm boxes (they're generally just innocents stupid enough to run MS software). Neutralizing the effect is enough.
The fact that SCO is grasping at such small (and obviously non-boyant) straws is in indicator that SCO never really thought this one through. With millions of dollars at stake, they have no better answer to the GPL than this.
Not quite time to go out in the streets and celebrate, but I have a big smile on my face.
Relationships are one of the most important things we have in life, and when you burn enough bridges life just gets less and less pleasant. I'm sometimes shocked by where the contacts I've built up over the years have taken me.
Then your sig:
If you're not on somebody's shit list, you're not doing anything worthwhile.
It's not that you want to piss everybody off, but you sometimes have to be willing to piss somebody of for something that you think is seriously worthwhile (i.e. a principle).
Choose your friends well, but choose your enemies even more carefully.
If it makes him happier to do the James Bond thing, then let him... The important things are:
The school/company find out about the hole and fix it, and
He isn't scared that he's gonna get sued, arrested and otherwise persecuted for having looked too close at the code.
I don't know just how anal his school administration is... he does. It's definitely within the realm of possibility that if they're really uptight, there is the possibilith that they really could sic the police on him -- Just because current laws are that stupid doesn't mean that everybody is willing to presume that they won't get enforced at such a stupid level.
If the school isn't so anal as to want to go after him for his security work, then they need a way to notify him. The personal ad thing may be James Bond-ish, but it does the job, and it's pretty cheap and easy. What more do you want?
n : aggressive boldness or unmitigated effrontery; "he had the
audacity to question my decision" [syn: audacity, audaciousness,
hutzpa]
Example: Someone who, having killed both his parents, pleads the mercy of the court because he is "but a poor orphan".
Now, that example was part of a comedy routine, and probably meant to be a bit over-the-top -- but if anybody has ever fit that example, I'd have to say it's SCO.
Best analogy yet:
SCO is like a dog that, having pissed on your tire, thinks he owns your whole car.
It doesn't matter if SCO has IP in the kernel (and they do have IP there -- such as the stuff inserted by Caldera)... The point here is that they're violating the GPL by tring to limit people's use of the code, and charge them for access to it.
The thing to not here is that anybody suing SCO has to identify which code is theirs -- You can't just prevent them from copying all of Linux... Just the portions of it that are yours. The charge would be breach of contract and copyright violation. You could probably force them to stop distributing Linux until they could isolate and remove your code. (of course, if EVERYBODY did that, then they'd pretty much have to rewrite Linux from scratch:-) )
The first step in this would be to notify them that you believe they are in breach of the GPL for your code and, as a result, they need to stop distributing it. You should also identify what your code is so tha they aren't left guessing. In theory, you don't really need to notify them of anything... They've already violated your copyright. You can just take them to court for the current violations, and include a request for an injunction -- but I think that most judges would prefer if you at least made an attempt to settle things out of court. If SCO tells you to blow it out your ear, then
(IANAL, but I do a good job of acting like one)
They have a ton of Netware devices installed, and a lot of administrators intimately familiar with those Netware devices. There's no way they could do a flash cut.
Yeah, Only Microsoft would do something that stupid (and maybe SCO, but I wouldn't put anything past SCO these days).
Yep. I agree. Anonymity may be the key. Slip a disk in the president's mail, Explain what you know, and tell them why you're not going to them personally. Give them a way to tell you anonymously that it's safe for you to talk in person (eg. a strangely worded personal announcement in the school paper).
Given that an unscrupulous person finding out about the exploit could really mess up the marks in your class, I'd say that it's a good idea for you to notify them of the problem in some way or another.
In a different situation in high school, I wrote a lot of code for my school, it was supposed to be a system where teachers and parents could view students grades and such securely... the school ended up expelling me for not going to detentions (I was working as a developer after school for a firm down here in FL). Every bit of code was encrypted with GnuPG so they didn't get one bit out of me.
Doing good coding can get you some nice job references (as per your teacher at University), and some good friends down the line, but it doesn't excuse you from the rules per detention, etc. (what the detention was about is a different issue, so I just won't go there).
Encrypting the code is, at best, bad karma. It could come back to haunt you years down the road when an important contract is nixed because a friend of a friend remembers what you did way back when. Relationships are one of the most important things we have in life, and when you burn enough bridges life just gets less and less pleasant. I'm sometimes shocked by where the contacts I've built up over the years have taken me.
BTW: If you were actually paid to develop that school code that you encrypted, my guess is that the only reason they didn't sue your ass of is that you didn't have any money in your pants.
Linux adoption itself has not been a problem (IMHO) for most realistic companies. However, converting 8000 developers over to Linux is a massive and interesting concept.
Not as big as you'd think (at least not for the developers). The base platform for Oracle (AFIK) is Solaris. The differences between Solaris and Linux aren't that nasty -- besides they already have to be linux-awere in their development tasks, anyways. It'll be a bit more work for the admins who'll need to learn which linux system tools replace the Sun-specific ones, but even that's not a lot, and there are probably fewer admins at Oracle than developers.
It'd be nice if the FSF could join the fray for copyright infringement (do they still distribute Linux? since their Linux License invalidates the GPL they'd be violating the copyrights of any kernel-developer out there).
The FSF doesn't really distribute Linux (the kernel). I don't remember ever hearing that Linus had signed over the rights to Linux to the FSF. What the FSF DOES control is most (all?) of the GNU software (including things likd gcc). Whether or not SCO has violated the license on all of Linux is an interesting question. the vagueness of their complaints is such that you could seriously argue that they've tainted the whole pot. If that's the case, then the FSF could go after them on that basis.
The question of if, and which, FSF/GNU software SCO has violated the license of with their vague threats might dirty the pool enough that the FSF might just wait this one out and let the big gun carriers (like IBM and RedHat) chew up SCO before they join the legal monkeypile.
The FSF doesn't have a cash flow {,at risk} here like those companies do, so they can afford to (and probably can't afford not to) sit back and let things unfold more before taking their own legal action. It's probably easier and cheaper for them to go in as intervenors in the existing suits than to start their own.
And if your dad murdered your neighbor's son, would it then be just for your neighbor to murder you?
If I still had the gun in my hand, and wasn't showing any signs of dropping it, it would probably be legal. (but 'just' and 'legal' are two entirely different issues).
That having been said, IBM could do that for users of UNIXware and SCO's other proprietary distributions, but they couldn't do it for for Caldera and SCO-Linux customers. (at least -- not without losing their GPL rights).
Does anyone know if SCO is successfully collecting on this? Is money being made?
My guess is not. The way that theis scam is running, I'd expect that the first time they actually got a cheque from this (at least from a fortune-1000 company) they'd be pushing that out all of the news services. 'cause it would give their claims more credibility.
Many of the embedded devices aren't on Intel.
SCO has no non-intel offerings.
main(){
printf("Do you see any x86 assembly here?");
}
The whole purpose of using C for most of Unix was to make it as processor independant as possible. Besides, a straightforward translation from one processor's assembly language to another's would be considered a derivative work.
SCO's bluffs aren't aimed at us vaguely law-savvy slashdot types.. We know that the only leg they've got to stand on is the one between their cannonballs (because they're gonna end up well-hung by the time this one is over). -- and they've just shot that one off, too.
The intent here is probably to keep the PHB types confused enough for long enough that a couple of them are gonna ante up at SCO's absurd prices. If a couple of PHB's at big companies do this, that could be worth a couple million dollars of pure profit. At that point, they might even be able to get a few more PHBs to ante up (Hey! X at Megacorp just folded. SCO must be serious!) before they run off to The Bahamas with their big performance bonuses.
Slashdot Mirror
Suppose that the market was 50/50 Mac/DOS. Each Mac requires about 1/5 as much support. This means that the DOS universe supports about 5 times as many consultants as the Mac universe does,
Along comes a computer newbie who is sure that computers can improve his/her business. This newbie goes out and finds a random computer consultant. Even though the market is 50/50 Mac/DOS, the probability of getting a DOS consultant is 5/6 -> 83%. Guess what system the DOS consultant is going to argue for?
This pushes the market even further against the Mac, and thus the death spiral starts. This also explains why Mac users seem to be so downright pendantic about their support of the Mac... They don't understand why so many consultants seem to be suggesting that users go to DOS when it's clear that the Mac generats less work for the consultant.
(sounds obvious when I put it that way, doesn't it?)
Problem is, although they may have fixed the problem, lots of people didn't trust the fix. Microsoft updates have a bad reputation for sometimes making systems more unstable than not installing them. As a result, many a sane admin has learned to isolate updates until they have a chance to test them.
Linux, on the other hand, is well-defined enough that most people really can trust their non-critical system to untested updates, and the need to test updates for critical systems is usually limited to the installation with wierd software that is specifically documented to only work with their own version of certain packages. Even then, users would still have access to the source code and the ability to (hire someone to) roll their own patches if they were desperate enough.
If Microsoft updates had a reputation for rock-solid stability, this problem wouldn't be anywhere near as bad as it is.
Linux running IIS(!)... My guess is that they're using Linux for a firewall. (It's not like Microsoft would trust Windows to something like that.) It might even be an embeded box running Linux being used to protect/support their server farms.
Precisely. causing the worm to start a SYN flood against itself is not going to do anything, but it will still cause the worm to think that it has succeeded in it's mission. You don't want to take out the worm boxes (they're generally just innocents stupid enough to run MS software). Neutralizing the effect is enough.
You mean besides the fact that they keep melting the board?
Not quite time to go out in the streets and celebrate, but I have a big smile on my face.
Then your sig:
If you're not on somebody's shit list, you're not doing anything worthwhile.
It's not that you want to piss everybody off, but you sometimes have to be willing to piss somebody of for something that you think is seriously worthwhile (i.e. a principle).
Choose your friends well, but choose your enemies even more carefully.
- The school/company find out about the hole and fix it, and
- He isn't scared that he's gonna get sued, arrested and otherwise persecuted for having looked too close at the code.
I don't know just how anal his school administration is... he does. It's definitely within the realm of possibility that if they're really uptight, there is the possibilith that they really could sic the police on him -- Just because current laws are that stupid doesn't mean that everybody is willing to presume that they won't get enforced at such a stupid level.If the school isn't so anal as to want to go after him for his security work, then they need a way to notify him. The personal ad thing may be James Bond-ish, but it does the job, and it's pretty cheap and easy. What more do you want?
Example: Someone who, having killed both his parents, pleads the mercy of the court because he is "but a poor orphan".
Now, that example was part of a comedy routine, and probably meant to be a bit over-the-top -- but if anybody has ever fit that example, I'd have to say it's SCO.
Best analogy yet:
The thing to not here is that anybody suing SCO has to identify which code is theirs -- You can't just prevent them from copying all of Linux... Just the portions of it that are yours. The charge would be breach of contract and copyright violation. You could probably force them to stop distributing Linux until they could isolate and remove your code. (of course, if EVERYBODY did that, then they'd pretty much have to rewrite Linux from scratch :-) )
The first step in this would be to notify them that you believe they are in breach of the GPL for your code and, as a result, they need to stop distributing it. You should also identify what your code is so tha they aren't left guessing. In theory, you don't really need to notify them of anything... They've already violated your copyright. You can just take them to court for the current violations, and include a request for an injunction -- but I think that most judges would prefer if you at least made an attempt to settle things out of court. If SCO tells you to blow it out your ear, then (IANAL, but I do a good job of acting like one)
Yeah, Only Microsoft would do something that stupid (and maybe SCO, but I wouldn't put anything past SCO these days).
Given that an unscrupulous person finding out about the exploit could really mess up the marks in your class, I'd say that it's a good idea for you to notify them of the problem in some way or another.
Doing good coding can get you some nice job references (as per your teacher at University), and some good friends down the line, but it doesn't excuse you from the rules per detention, etc. (what the detention was about is a different issue, so I just won't go there).
Encrypting the code is, at best, bad karma. It could come back to haunt you years down the road when an important contract is nixed because a friend of a friend remembers what you did way back when. Relationships are one of the most important things we have in life, and when you burn enough bridges life just gets less and less pleasant. I'm sometimes shocked by where the contacts I've built up over the years have taken me.
BTW: If you were actually paid to develop that school code that you encrypted, my guess is that the only reason they didn't sue your ass of is that you didn't have any money in your pants.
Besides, being on everybody's shit list is a much more elite 'honor' than just being on somebody's shit list.
Not as big as you'd think (at least not for the developers). The base platform for Oracle (AFIK) is Solaris. The differences between Solaris and Linux aren't that nasty -- besides they already have to be linux-awere in their development tasks, anyways. It'll be a bit more work for the admins who'll need to learn which linux system tools replace the Sun-specific ones, but even that's not a lot, and there are probably fewer admins at Oracle than developers.
The FSF doesn't really distribute Linux (the kernel). I don't remember ever hearing that Linus had signed over the rights to Linux to the FSF. What the FSF DOES control is most (all?) of the GNU software (including things likd gcc). Whether or not SCO has violated the license on all of Linux is an interesting question. the vagueness of their complaints is such that you could seriously argue that they've tainted the whole pot. If that's the case, then the FSF could go after them on that basis.
The question of if, and which, FSF/GNU software SCO has violated the license of with their vague threats might dirty the pool enough that the FSF might just wait this one out and let the big gun carriers (like IBM and RedHat) chew up SCO before they join the legal monkeypile.
The FSF doesn't have a cash flow {,at risk} here like those companies do, so they can afford to (and probably can't afford not to) sit back and let things unfold more before taking their own legal action. It's probably easier and cheaper for them to go in as intervenors in the existing suits than to start their own.
I think you're talking W3C.
(Just had to say that!)
Don't even bother replying to that last post. I just re-read what you said.... and I'm embarassed.
If I still had the gun in my hand, and wasn't showing any signs of dropping it, it would probably be legal. (but 'just' and 'legal' are two entirely different issues).
That having been said, IBM could do that for users of UNIXware and SCO's other proprietary distributions, but they couldn't do it for for Caldera and SCO-Linux customers. (at least -- not without losing their GPL rights).
Again, in HTML
-
Company shall not reverse engineer or decompile, translate, create derivative
works or modify any of the SCO Product.
In other words, you can never use Linux source code again (at least, until you find out what part of Linux SCO is claiming to own).With respect to people who got Linux from the SCO/Caldera site, this would be a pretty clear violation of the GPL.
All 12 of them .... (everybody should know by now, that anybody dealing with SCO isn't even close to playing with a full deck).
My guess is not. The way that theis scam is running, I'd expect that the first time they actually got a cheque from this (at least from a fortune-1000 company) they'd be pushing that out all of the news services. 'cause it would give their claims more credibility.
SCO has no non-intel offerings.
main(){
- printf("Do you see any x86 assembly here?");
}The whole purpose of using C for most of Unix was to make it as processor independant as possible. Besides, a straightforward translation from one processor's assembly language to another's would be considered a derivative work.
The intent here is probably to keep the PHB types confused enough for long enough that a couple of them are gonna ante up at SCO's absurd prices. If a couple of PHB's at big companies do this, that could be worth a couple million dollars of pure profit. At that point, they might even be able to get a few more PHBs to ante up (Hey! X at Megacorp just folded. SCO must be serious!) before they run off to The Bahamas with their big performance bonuses.