if it's sitting on the companys computers and you've been working on it in company time, they own it.
Not necessarily. It depends on the contract you negotiated, and the original license of the software. The law can get quite complicated when arguing about such corner cases.
In this case, I would guess that, realising he was about to leave, he simply backed up his entire home dir to an offsite location. Who wouldn't? Having worked in any company for several years, we all know how seemingly important stuff can build up there, even though we never have the time to sort it all out. Unfortunately for him, the transfer was logged, and his home dir contained proprietary code. The defense, well, admission of guilt really until mitigating circumstances, seems reasonable.
If you modify a piece of software for in house use and don't distribute it outside, you don't have to distribute the source.
Maybe. Maybe not. AFAIK the issue has never been tested in court. But consider that, if you take a copy of Microsoft Office, and make lots of copies for internal use only, even though you aren't distributing the software externally you will still be guilty of copyright infringement. I would suggest that the same rules would apply to the act of internal distribution of GPL software - you either abide by the license, or you are guilty of copyright infringement. Copyright law does not distinguish between internal and external infringement, or between closed and open source infringement. Just as you cannot provide your programmers with pirated copies of Windows, you also can not provide them with pirated copies of GPL software.
He might not have, but it's implied. Are you saying the courts can make this distinction?
Firstly, it's not up to courts. Since possession of drugs for personal use was decriminalised, the courts are no longer prosecuting people for this crime. Instead, people with large quantities for personal possession go to a "dissuasion commission panel" rather than court. They can rely on medical evidence and amount of drugs on person to decide appropriate response (possibly a fine, possibly an offer of treatment). Treatment is not mandatory.
The treatment option is an alternative to a fine for possession of drugs. I had heard that for minor crimes that wouldn't go to court anyway (e..g prostitution) it can be offered as well, but I can't find a reference for that at the moment. The rest of the details are in:
"It's not my fault I have a disease! The devil drugs made me do it!"
A predictable response, but consider that if a person is clinically addicted to certain drugs, then not having those drugs regularly is highly likely to cause death. In that sense, there is some truth to the reasoning that "the drugs made me do it" - the drugs are necessary to avoid death, and if the person were not addicted, then the drugs would not be necessary. Consider the hypothetical scenario where you hold in your hand a button that when pressed will electrocute and kill another innocent human. If you don't press the button within 60 seconds, you will be electrocuted and killed. If you press the button, you will be released. Your action in pressing the button is murder of an innocent person, regardless of the motive. So which do you choose - to commit the crime or murder, or to be murdered? It's an old philosophical question, but one that can easily be extended to this scenario (obviously murder is an extreme example, substitute with the more likely crimes of prostitution or theft as appropriate).
I had a thought along similar lines the other day - no white man has ever run the 100m in less than 10 seconds. The 10 second barrier has been broken hundreds of times by black athletes. How come there is no call for racial segregation in the 100m? We already have sexual segregation. Why is one a good thing for society, and the other the complete opposite? If it can be shown that white men (or black men) are at a particular disadvantage in certain sports, would that mean segregated competition would be okay? Would it suddenly be a good thing, meaning that the "disadvantaged" athletes would have a league of their own to compete within?
With some positive results. Drug dealers still go to jail, but addicts go to treatment centers.
So all users are addicts? All users get locked up *and* treated against their will. Since when is forced medical (if it is medical) treatment any of the States's business?
wtf? When did the OP say that all users are addicts?
In Portuagal addicts who commit crimes to fund their habits are offered treatment as an alternative to going to prison. Seem like a smart move to me.
I hope this finally kills off the "GPL is bad for business" myth. Every one of those companies is paying for work on the kernel because it is good for their business. Red Hat, IBM, Novell, etc. aren't charities - they sponsor Linux development because it expands their markets and brings in profits.
Debian+LXDE is also good, it seems to be one of the Debian install CDs now. Advantage over Damn Small Linux is a pure Debian install, no extra packages.
Well it all depends on what you mean by "web site" - $18 million is cheap for some web sites. I have worked on an internal web site for a medium size company (few thousand employees globally) and the development costs ran to over $1 million. For the amount of work that went into it, that was a pretty good deal. It's not just html pages these days - when you have developers spending several years writing, refining, and maintaining complex backends with custom databases, a few million $s begins to look cheap.
However , i doesn't favor developers or companies ( who are forced to share their work for free ).
The GPL can accelerate software development around a product. I think it was IBM's Linux head who made the point that the GPL is what ensures that IBM, Novell, Sun, Red Hat, etc. all cooperate on the Linux kernel rather than producing proprietary forks, or having to sign individual contracts with each other to license each piece of technology that they each contribute. The GPL simplifies the entire legal process, which in turn speeds up software development, which reduces time to market which ultimately benefits companies selling Linux solutions. Looking at the changelogs for the Linux kernel over the past 18 months it appears that the speed with which new features are added to the kernel is increasing if anything. And this stuff just appears in the kernel tree, completely bypassing the traditional legal process, with the participants having contractual obligations but not having to negotiate any contracts. It's a good system.
To say that the GPL doesn't favour developers or companies is completely wrong. It doesn't favour some developers or companies - the ones that want to take the work of others, modify it, and then sell it without reproducing the source of their modifications. If you look at the profits and market capitalisation of IBM and Red Hat - clearly they have benefited greatly from GPL software.
Sounds similar to the story of Bamse, the Norwegian navy dog who learned to use the bus network in Scotland to round up the seamen from various pubs when they were due to set sail. There was also a Labrador that learnt to use taxi ranks in London a few decades ago - its owner used to take it on long walks and return by taxi. Eventually he stopped due to ill health, but the dog would carry on with the walks, patiently wait at a taxi rank until one of the drivers noticed and took him home.
They steal Sauls eyeball (again with the bodypart snatching, what's up with that?)
Gauging out an eye out in a torture session isn't the same thing as stealing.
I'm not sure whether the Cylons put Starbuck in the pregnancy experiment camp just because she was a human female and they were in short supply on Caprica, or whether they (or, at least, the Leoben's) knew that she was special at that time. I suspect the former.
The problem was not the choice of primary key. The problem was the way in which the people in charge of the process failed to consider the possibility of false positives.
more than 80,000 recipients whose benefits were unfairly denied... The searches captured dozens of criminals
"dozens?" Let's be generous and say 50. 50 out of 80,000 is a 99.9% rate of false positives. Not good.
You are right, the Trusted Platform Module can verify the boot process, and only provide encryption key service if the mainboard and harddrive and software are the same. However, it is unlikely to be possible to succeed with a TPM wipe - if the forensics lab is any good they will attach something to the bus that the TPM chip is on to intercept any possible wipe commands. Of course they will still back up the hard disk on another PC first. With software drive encryption they can rip the key out of the DRAM with hardware while it's powered up (and even for hours afterward if they can cool the DRAM before power off, see Felten's attack), so TPM doesn't help if you are forced to hand over your password.
There is no difference between a block of random data and a block of well encrypted data - that's the whole point. But I imagine that if you have a 100GB random file or partition on your hard drive and there is wire intercept or some other evidence against you (which, hypothetically, there should be, otherwise there would be no court order to seize your hard disk), then the courts will assume it's an encrypted drive.
In most cases, people using encryption software will have that software installed, and configured to rapidly open the drive (otherwise they'd have to set up key size, encryption type, etc. each time they open the drive). Also, most encryption systems don't just hash the password to produce the block cipher key - they need initial vectors etc. and then decrypt those with your password hash. This data has to be stored somewhere. If you really wanted to, you could hard code all the settings into the source before compiling, so there is no runtime config apart from specifying the password.
I'm sure RMS would be quite happy to license his writings under the GPL, but I doubt "Yahoo Tech!" would be willing to incorporate his writings and republish a GPL document.
Editor's note: InfoWorld tried to get Richard Stallman to write some content on this issue for free for us, but we demanded copyright and complete control over his content, which he didn't like, so he demanded control over his content, which we didn't like.
It makes a huge difference. There are companies out there that charge thousands of Euros for GPL software, and are highly profitable (e.g. custom GCC chain. That wouldn't be possible if Kiewe's statement that you "have to give it away for free" were true.
Re:Yup, beware of fascists... they are over THERE!
on
Leaving the GPL Behind
·
· Score: 1
Sounds like you just summed up EULAs and copyright law in general.
Wrong. MySQL claimed that if you used the GPLed MySQL client libraries then your application would be a derivative work. They never claimed that any application accessing a MySQL database would be GPL, only ones that used their GPL client libraries.
"Derivative work" is a legal term. There is no way to tell whether something is a derivative work unless you go to court and find out. If you distribute two applications together, one GPL, and the other non-GPL but depending on the GPL product, then it is likely that you'll lose the court case.
It's fairly well established that license does not extend across process boundaries
Under which case law and legal jurisdiction? If that were the case, it would be quite easy to write an automated wrapper generator for GPL libraries that allows them to be called from another process. But if you distribute somebody elses GPL code along with a process wrapper and your own closed source interface, I suspect it is highly likely that the issue will end up in court. The issue would be whether the composite software is a "derivative work". I suspect that a judge would rule against you when you try to argue that the GPL gives you the right to copy someone elses software that yours in turn depends upon, and yet still try to claim that the composite you're distributing still isn't a "derivative work".
We are not aware of the use of this software on international airports.
And also state:
Is the design of the system broken and can altered chips hence be used or abused anywhere?
No. The standards document made by ICAO enables the possibility to implement a secure system. Weaknesses as mentioned in the Times article are the result of - deliberately or not - not implementing all security measures described by ICAO. This problem is especially present in certain reading equipment.
Look, it's really not that complicated. There are only two possibilities here:
1) The Daily Mail is right. The experts at the Thales Group have completely screwed up the design of the ID card chip, someone can completely reprogram the data in 12 minutes having never seen the card before, and these valid cards will be accepted as genuine. The system is completely broken.
2) The Daily Mail is wrong. The system is not completely broken. Thales Group didn't completely screw up the design. The fake cards wouldn't be accepted as genuine if tested on real hardware.
Given the history of misreporting in this area by the traditional media, and the fact that the Daily Mail has clear motive to misrepresent the facts in order to embarrass the Labour government, then my money is on the latter.
You are misinformed about the "Golden Reader Tool". It is not produced by the British government, or even used by the British government. It is a piece of software that reads smart cards, written by the German company Secunet. It can be used to verify but not authenticate card data. Learn the difference.
Slashdot Mirror
if it's sitting on the companys computers and you've been working on it in company time, they own it.
Not necessarily. It depends on the contract you negotiated, and the original license of the software. The law can get quite complicated when arguing about such corner cases.
In this case, I would guess that, realising he was about to leave, he simply backed up his entire home dir to an offsite location. Who wouldn't? Having worked in any company for several years, we all know how seemingly important stuff can build up there, even though we never have the time to sort it all out. Unfortunately for him, the transfer was logged, and his home dir contained proprietary code. The defense, well, admission of guilt really until mitigating circumstances, seems reasonable.
If you modify a piece of software for in house use and don't distribute it outside, you don't have to distribute the source.
Maybe. Maybe not. AFAIK the issue has never been tested in court. But consider that, if you take a copy of Microsoft Office, and make lots of copies for internal use only, even though you aren't distributing the software externally you will still be guilty of copyright infringement. I would suggest that the same rules would apply to the act of internal distribution of GPL software - you either abide by the license, or you are guilty of copyright infringement. Copyright law does not distinguish between internal and external infringement, or between closed and open source infringement. Just as you cannot provide your programmers with pirated copies of Windows, you also can not provide them with pirated copies of GPL software.
He might not have, but it's implied. Are you saying the courts can make this distinction?
Firstly, it's not up to courts. Since possession of drugs for personal use was decriminalised, the courts are no longer prosecuting people for this crime. Instead, people with large quantities for personal possession go to a "dissuasion commission panel" rather than court. They can rely on medical evidence and amount of drugs on person to decide appropriate response (possibly a fine, possibly an offer of treatment). Treatment is not mandatory.
The treatment option is an alternative to a fine for possession of drugs. I had heard that for minor crimes that wouldn't go to court anyway (e..g prostitution) it can be offered as well, but I can't find a reference for that at the moment. The rest of the details are in:
TIME magazine: Drugs in Portugal: Did Decriminalization Work?
BBC News: How Portugal treats drug addicts
"It's not my fault I have a disease! The devil drugs made me do it!"
A predictable response, but consider that if a person is clinically addicted to certain drugs, then not having those drugs regularly is highly likely to cause death. In that sense, there is some truth to the reasoning that "the drugs made me do it" - the drugs are necessary to avoid death, and if the person were not addicted, then the drugs would not be necessary. Consider the hypothetical scenario where you hold in your hand a button that when pressed will electrocute and kill another innocent human. If you don't press the button within 60 seconds, you will be electrocuted and killed. If you press the button, you will be released. Your action in pressing the button is murder of an innocent person, regardless of the motive. So which do you choose - to commit the crime or murder, or to be murdered? It's an old philosophical question, but one that can easily be extended to this scenario (obviously murder is an extreme example, substitute with the more likely crimes of prostitution or theft as appropriate).
I had a thought along similar lines the other day - no white man has ever run the 100m in less than 10 seconds. The 10 second barrier has been broken hundreds of times by black athletes. How come there is no call for racial segregation in the 100m? We already have sexual segregation. Why is one a good thing for society, and the other the complete opposite? If it can be shown that white men (or black men) are at a particular disadvantage in certain sports, would that mean segregated competition would be okay? Would it suddenly be a good thing, meaning that the "disadvantaged" athletes would have a league of their own to compete within?
With some positive results. Drug dealers still go to jail, but addicts go to treatment centers.
So all users are addicts? All users get locked up *and* treated against their will. Since when is forced medical (if it is medical) treatment any of the States's business?
wtf? When did the OP say that all users are addicts?
In Portuagal addicts who commit crimes to fund their habits are offered treatment as an alternative to going to prison. Seem like a smart move to me.
I hope this finally kills off the "GPL is bad for business" myth. Every one of those companies is paying for work on the kernel because it is good for their business. Red Hat, IBM, Novell, etc. aren't charities - they sponsor Linux development because it expands their markets and brings in profits.
Debian+LXDE is also good, it seems to be one of the Debian install CDs now. Advantage over Damn Small Linux is a pure Debian install, no extra packages.
What do you think this is, some kind of democracy?
In the UK 49% of the population over the age of 19 believe that cannabis should be legal. When the politicians can ignore the will of 49% of the voting population, why should they care about a mere 8.3%?
Has this appeared on gpl-violations.org yet? Given that Humax is a German company I'd have thought that Harald Welte would be interested.
Well it all depends on what you mean by "web site" - $18 million is cheap for some web sites. I have worked on an internal web site for a medium size company (few thousand employees globally) and the development costs ran to over $1 million. For the amount of work that went into it, that was a pretty good deal. It's not just html pages these days - when you have developers spending several years writing, refining, and maintaining complex backends with custom databases, a few million $s begins to look cheap.
However , i doesn't favor developers or companies ( who are forced to share their work for free ) .
The GPL can accelerate software development around a product. I think it was IBM's Linux head who made the point that the GPL is what ensures that IBM, Novell, Sun, Red Hat, etc. all cooperate on the Linux kernel rather than producing proprietary forks, or having to sign individual contracts with each other to license each piece of technology that they each contribute. The GPL simplifies the entire legal process, which in turn speeds up software development, which reduces time to market which ultimately benefits companies selling Linux solutions. Looking at the changelogs for the Linux kernel over the past 18 months it appears that the speed with which new features are added to the kernel is increasing if anything. And this stuff just appears in the kernel tree, completely bypassing the traditional legal process, with the participants having contractual obligations but not having to negotiate any contracts. It's a good system.
To say that the GPL doesn't favour developers or companies is completely wrong. It doesn't favour some developers or companies - the ones that want to take the work of others, modify it, and then sell it without reproducing the source of their modifications. If you look at the profits and market capitalisation of IBM and Red Hat - clearly they have benefited greatly from GPL software.
Sounds similar to the story of Bamse, the Norwegian navy dog who learned to use the bus network in Scotland to round up the seamen from various pubs when they were due to set sail. There was also a Labrador that learnt to use taxi ranks in London a few decades ago - its owner used to take it on long walks and return by taxi. Eventually he stopped due to ill health, but the dog would carry on with the walks, patiently wait at a taxi rank until one of the drivers noticed and took him home.
They steal Sauls eyeball (again with the bodypart snatching, what's up with that?)
Gauging out an eye out in a torture session isn't the same thing as stealing.
I'm not sure whether the Cylons put Starbuck in the pregnancy experiment camp just because she was a human female and they were in short supply on Caprica, or whether they (or, at least, the Leoben's) knew that she was special at that time. I suspect the former.
The problem was not the choice of primary key. The problem was the way in which the people in charge of the process failed to consider the possibility of false positives.
more than 80,000 recipients whose benefits were unfairly denied... The searches captured dozens of criminals
"dozens?" Let's be generous and say 50. 50 out of 80,000 is a 99.9% rate of false positives. Not good.
You are right, the Trusted Platform Module can verify the boot process, and only provide encryption key service if the mainboard and harddrive and software are the same. However, it is unlikely to be possible to succeed with a TPM wipe - if the forensics lab is any good they will attach something to the bus that the TPM chip is on to intercept any possible wipe commands. Of course they will still back up the hard disk on another PC first. With software drive encryption they can rip the key out of the DRAM with hardware while it's powered up (and even for hours afterward if they can cool the DRAM before power off, see Felten's attack), so TPM doesn't help if you are forced to hand over your password.
There is no difference between a block of random data and a block of well encrypted data - that's the whole point. But I imagine that if you have a 100GB random file or partition on your hard drive and there is wire intercept or some other evidence against you (which, hypothetically, there should be, otherwise there would be no court order to seize your hard disk), then the courts will assume it's an encrypted drive.
In most cases, people using encryption software will have that software installed, and configured to rapidly open the drive (otherwise they'd have to set up key size, encryption type, etc. each time they open the drive). Also, most encryption systems don't just hash the password to produce the block cipher key - they need initial vectors etc. and then decrypt those with your password hash. This data has to be stored somewhere. If you really wanted to, you could hard code all the settings into the source before compiling, so there is no runtime config apart from specifying the password.
I'm sure RMS would be quite happy to license his writings under the GPL, but I doubt "Yahoo Tech!" would be willing to incorporate his writings and republish a GPL document.
Editor's note: InfoWorld tried to get Richard Stallman to write some content on this issue for free for us, but we demanded copyright and complete control over his content, which he didn't like, so he demanded control over his content, which we didn't like.
Another way of saying the same thing.
It makes a huge difference. There are companies out there that charge thousands of Euros for GPL software, and are highly profitable (e.g. custom GCC chain. That wouldn't be possible if Kiewe's statement that you "have to give it away for free" were true.
Sounds like you just summed up EULAs and copyright law in general.
Wrong. MySQL claimed that if you used the GPLed MySQL client libraries then your application would be a derivative work. They never claimed that any application accessing a MySQL database would be GPL, only ones that used their GPL client libraries.
"Derivative work" is a legal term. There is no way to tell whether something is a derivative work unless you go to court and find out. If you distribute two applications together, one GPL, and the other non-GPL but depending on the GPL product, then it is likely that you'll lose the court case.
It's fairly well established that license does not extend across process boundaries
Under which case law and legal jurisdiction? If that were the case, it would be quite easy to write an automated wrapper generator for GPL libraries that allows them to be called from another process. But if you distribute somebody elses GPL code along with a process wrapper and your own closed source interface, I suspect it is highly likely that the issue will end up in court. The issue would be whether the composite software is a "derivative work". I suspect that a judge would rule against you when you try to argue that the GPL gives you the right to copy someone elses software that yours in turn depends upon, and yet still try to claim that the composite you're distributing still isn't a "derivative work".
The Daily Mail article completely failed to acknowledge that the PKD infrastructure prevents this type of attack.
Also note that the research group that Jeroen works for has a page discussing the previous British media claims. They refute The Times allegation that "Golden Reader Tool" is used at airports
We are not aware of the use of this software on international airports.
And also state:
Is the design of the system broken and can altered chips hence be used or abused anywhere?
No. The standards document made by ICAO enables the possibility to implement a secure system. Weaknesses as mentioned in the Times article are the result of - deliberately or not - not implementing all security measures described by ICAO. This problem is especially present in certain reading equipment.
Look, it's really not that complicated. There are only two possibilities here:
1) The Daily Mail is right. The experts at the Thales Group have completely screwed up the design of the ID card chip, someone can completely reprogram the data in 12 minutes having never seen the card before, and these valid cards will be accepted as genuine. The system is completely broken.
2) The Daily Mail is wrong. The system is not completely broken. Thales Group didn't completely screw up the design. The fake cards wouldn't be accepted as genuine if tested on real hardware.
Given the history of misreporting in this area by the traditional media, and the fact that the Daily Mail has clear motive to misrepresent the facts in order to embarrass the Labour government, then my money is on the latter.
You are misinformed about the "Golden Reader Tool". It is not produced by the British government, or even used by the British government. It is a piece of software that reads smart cards, written by the German company Secunet. It can be used to verify but not authenticate card data. Learn the difference.