As the saying goes, beggars can't be choosers. And unless you havn't noticed, Linux isn't exactly the main OS of choice, or even close to it. We can't be picky about our software.
Oh, really? I would argue that it's the very pickiness of the Linux community that has gotten it as far as it has. There are also a lot of people who believe fervently that if Linux were to give up this "pickiness" it would mean losing the very thing -- guaranteed freedom -- that makes it so desirable in the first place.
Nobody's forbidden to release closed-source software for Linux. That doesn't mean that it particularly needs to be encouraged.
It's all well and good to talk about design, but it's impossible to know every contingency that will ever come up. It's also impossible to know a priori what will work well and what won't without real-world experience.
Try reading linux-kernel -- you might be surprised by how much stuff Linus rejects on the grounds of poor design. The kernel is definitely not hacked together, but it does have to evolve, and forcing it to maintain a fixed internal interface gets in the way of that. Maintaining a supported external interface, in combination with libc, seems to be the best compromise between stability and progress.
There are a number of reasons why Linus refuses to commit to a standard binary interface:
1) It commits the kernel to support something he doesn't believe the kernel should commit to, at least at this point. The kernel does provide a standard external user-space interface (at least in combination with libc). Kernel internals, however, are kernel internals, and he wants the freedom to be able to change kernel internals as needed to improve the kernel.
The kernel internal interface is not part of the POSIX definition, anyway, so there's no standard to worry about upholding.
2) Stability. Buggy user space code can crash an application, but it won't crash the system. Buggy code in the kernel -- driver or otherwise -- can crash, lock up, or corrupt the entire system. It can be very hard to trace down where the corruption comes from (I speak from moderate personal experience dealing with the kernel in various UNIX-type operating systems).
Encouraging a situation where people are at the mercy of third parties for their systems' stability is not something Linus (or anyone else) particularly cares to encourage.
Drivers don't have to be compiled into the kernel; modules work just fine for the purpose of runtime loading.
Many cars do have speed limiters. The Chrysler 300M (without the sport package does). Apparently even the BMW M5 has a limiter, somewhere around 155 MPH. Those are both the highest performance cars produced by their respective manufacturers (avoiding issues of who really owns Chrysler, and the Dodge Viper).
Fine. How does someone even know who the copyright holder even is for something? How would they go about proving it to Napster? How about something that's in the public domain (and how does one prove it)? And what about something covered by, say, the GPL?
The burden of proof is on the copyright holder to determine that a violation occurred (in the US, at any rate). Period.
The Ninth Circuit has held that attempts such as Plaintiffs' to use the limited monopoly rights bestowed on a copyright holder to control competition in an area outside the scope of the copyright constitutes copyright misuse -- an affirmative defense that bars the copyright holder from enforcing its copyright unless and until its misuse is "cured."
Hmm...Microsoft attempting to use the copyright on the spec of its Kerberos extension to control competition in the form of alternative implementations of said spec?
"When we first released Qt there was already de-facto acceptance in the community that one could make GPLed programs using Motif, even before Lesstiff came along. Motif was a proprietary and non-free library with a much stricter license than Qt."
GPL allows linking (dynamic and static) to libraries that are not GPL compliant if they are considered a part of the OS. Hence, an application in windows that uses WIN32 API has no problems. Qt is not part of the OS on any system, not even Corel Linux.
But Motif is logically no more part of the OS than Qt is. They're both UI toolkits that are not required for basic system operation.
This is the one thing that bothers me about the GPL in the current situation. The prevailing wisdom seems to be that it's OK for non-GPL software to be built on top of GPL software as long as the communication mechanism doesn't involve mapping the GPL software into the same address space as the non-GPL software. If it's done by dynamic loading a GPL library, though, the result is apparently considered a derivative work. In real world terms, this seems like a stretch. The line between use (which is not covered by the GPL) and incorporation/modification (which is) is now blurred, and is becoming more and more so with time, as runtime loading and such become more and more universal.
Does Gimp support 6Color print processes? Does Gimp even support CMYK conversion (4Color Print)? (?yet?) Until then, whats the point unless you make webpages or backgrounds?
The Gimp itself doesn't support editing in CMYK. It does, however, support printing in CMYK, and 6 and 7 color printers (CcMmYyK). The development version of the print plugin (which I am project lead for) supports the latest Epson Stylus printers, including the Photo 870 and 1270, and produces print quality comparable to Windows (many people think that in certain ways the print quality is better, although the smoothness still has a ways to go).
The CM-1 and CM-2 Connection Machines had the same basic idea. The CM-5 was a bit different -- it still had a front end, but the individual processors could be booted to run UNIX (SunOS), and in general were a bit more independent. The CM-1 and CM-2 were pure SIMD. This was actually quite a popular approach in the 1980's; there were lots of startups trying to do much the same thing, ultimately with even less success than Thinking Machines.
A lot of us who had been at TMC in the 1980's liked the CM-2 much more than the CM-5. Architecturally it was very clean. The CM-5 was a much more complicated machine.
This particular GPL violation really does sound like an innocent mistake. Two people assumed that the other one would deal with putting up the source code. As long as it gets fixed quickly, it's not an example of anything.
Regarding the EULA issue, the GPL is not a EULA in the same sense Microsoft's EULAs are. The GPL does not remove any rights that the end user would normally enjoy under copyright law. It strictly grants additional rights for the user who wishes to distribute the code.
Well, yeah, I think it is good, but I have another concern: Quite a few smaller businesses might think that "we can't put anything on the internet that isn't supposed to be completely open, 'cause someone will abuse it". And that's not a good message.
Actually, the message is "you can't put anything on a publicly accessible web site that isn't supposed to be completely open." If you put it on a suitably protected (which we'll gloss over for now) secured site, it's quite another matter. If the message is interpreted as "we should actually think hard about what we put on the net before we do so" then it's certainly a good message.
Well, suppose the end user can't actually see the EULA? A Linux user unzips it (the most reasonable way to try to access it). How can he see the EULA to even know the terms?
"No part of this publication may be reproduced..." isn't a EULA any more than the GPL is. Copyright in general allows non-holders only very limited reproduction rights, and the statement at the beginning of the book doesn't forbid anything that copyright law already forbids. Likewise, the GPL grants strictly more rights than copyright law does.
If the book stated something like "the information contained herein may be used only for purpose X" or "this book may not be resold without written permission of the publisher", on the other hand, the situations would be more comparable. Part of US copyright law (the "first sale doctrine") allows someone who owns a legal copy the right to resell it and otherwise dispose of it. The INSTANCE of the book is entirely owned by the person who bought it. What isn't allowed is copying it, beyond certain points (e. g. excerpting short passages for review).
The problem here is that Microsoft is putting something on an open web site, offering it for download, and then claiming that use of the information contained in it is restricted (as opposed to merely stating that copying of the information is out).
I think that it's reasonable for Microsoft to ask that the actual copies posted to Slashdot be taken off. They do hold the copyright on the particular expression of the specs. On the other hand, asking that links be removed, or the fact that it can simply be unzipped, strikes me (who's not a lawyer) as ridiculous.
Thats a matter of debate really. Under "IP" laws, there are, by default, restrictions on use of the software. The GPL is LESS restrictive than the laws defaults.
Well, not quite. Current law does provide for works to be placed in the public domain. Certainly works in the public domain are the most free, as there are no restrictions on them at all!
The original poster is correct -- by default all works are copyrighted by the author, who can choose to explicitly place them in the public domain.
The best way to handle any such situation is for both parties concerned to know exactly what's going on. You may well find your employer very understanding to your situation.
I'm working on my own GPL project (which is completely unrelated to my work). I discussed the situation with our corporate counsel, and with my manager, and nobody had a problem. Recently I was offered a piece of hardware on a sort of personal loan basis, so I asked my manager about it before accepting it (in case accepting something like that would be a problem). It was not a problem at all, and my manager appreciated my disclosing it to him.
It doesn't matter whether the project is something that could be of use to your employer or not. If it is useful, they may well be more cooperative, not less. If they do have a problem with it, it's better to know now than later.
The problem is that the legal requirements to actually effect a transfer are complicated and difficult: the law wants to make sure that when you give up your copyrights, you really really meant to do that. I am not a lawyer, but my understanding is it requires an actual signature on an actual piece of paper--some unsigned statement posted to the internet or sent via email just won't do.
The assignment isa paper form signed by both parties.
I disagree. By short-selling Des Moines properties, and Medicine incomes, he is buying insurance, therefore he is decreasing the variance of his portfolio and hence his overall risk.
If he gets squeezed out of his shorts, its cool, because his property and revenue will have gone up. If his property and revenue go down, its cool, because his shorts will have made money.
Well, it's not quite as simple as all that. If he's forced to cover his short position, he's just lost his insurance, at the most crucial point (when the market may be close to its peak).
That kind of insurance (although I'm having trouble visualizing the exact kind of instrument this would be) is useful in relatively stable times (when systemic risk is low) for protection against individual catastrophes (e. g. the doctor becoming disabled). For times when systemic risk is high (economic turmoil), though, things can get dicey. What happens if, for example, the counterparty can't pay off the transaction? I pay a premium for insurance coverage, and then the insurance companies suddenly find themselves facing more claims than they have resources to pay. Now what?
Well, insurance companies themselves can buy insurance. That's called "reinsurance". That's all well and good, but suppose things get so bad that the reinsurers go belly up?
Now we're really in the soup. At this point, something that's supposed to blunt (negative feedback) the harmful effects of a catastrophe is no longer doing so. In fact, the mass claims from this one systemic catastrophe weaken the insurance companies' ability to pay off unrelated claims, which causes ripple effects through the rest of the economy. Now we're in a positive feedback cycle.
The whole point is that in extreme circumstances, something that looks like protection may actually have the reverse effect if all of the effects are not carefully considered. This kind of thing is not intended to protect against individual misfortune in a stable economic climate, but rather a mass misfortune in a very unstable environment. The normal rules might not apply then.
(You'll note that I cast this in insurance terms, because that's really what it is, in theory. I have real trouble figuring out who would issue such a security. I suppose a group of doctors would get together and offer bonds with interest paid from future earnings. That would certainly enable doctors to lay off some risk, which is the whole idea. But that would surely be an extremely high risk security, what with moral hazard and all that. I think that this particular example of Shiller's is weird.)
On the one hand, Shiller claims that the markets are being driven more by emotion than by any reasonable measure, and that it can't last. I agree with that. When even the most solid high tech/high growth firms are trading at multiples of 100 (price/earnings) and well-established bricks and mortar retail chains that cannot realistically expect high growth at 40, something seems out of line. Traditionally, conservative companies have traded at 10-15, and growth companies more like 20-30.
I'm also concerned about a lot of other parallels with the late 1920's -- everyone's into playing the market, people talking about fundamental transformations of the economy, seemingly very low inflation in the price of material goods (as opposed to assets), increasing inequality, and such.
But then Shiller recommends more of the same medicine -- expansion of the financial markets, "to allow people to protect themselves against major economic risks." In an irrational boom, this would only add fuel to the fire. Yes, the doctor in Des Moines could take a short position in medical incomes and in Des Moines real estate (which amounts to shorting against the box, a conservative way of locking in a profit). But is that what the doctor would really do? I doubt it.
More likely, one of two things would happen:
1) The doctor would go long on both positions, as a way of leveraging his income.
2) Even if he shorted, the price of these securities would continue to rise in the short term, squeezing him (forcing him to cover his short position by buying the securities at a loss).
The net effect is that our hypothetical doctor is more exposed, not less exposed, to risk.
(There's also the little matter of what underlying assets these securities really represent. If they're merely trading instruments, with nothing backing them, then they're simply a form of betting and aren't hedging anything at all. Traditional options actually give the holder an option to purchase or sell a particular asset. Common stocks, while the connection is a bit more tenuous, do represent the ability of the issuing corporation to pay dividends, buy back its own stock, and otherwise benefit the shareholder. For this kind of scheme to work, a pool of doctors would have to pledge some fraction of their future income as ultimate payment on the security. That implies that they expect that income to be less than the price they write the option at. Uh huh.)
We've seen the trouble that even sophisticated corporations specializing in financial services have gotten themselves into with derivative securities. Other companies have gotten themselves into trouble because they think they're hedging against some risk, where in fact they're doing nothing of the sort. And Shiller expects individuals to do better? If people systematically make mistakes -- and part of "irrational exuberance" is that people are consistently taking an overly optimistic view -- then there's a lot of potential for, shall we say, adverse consequences when things turn. Positive feedback (leveraging is a way of accomplishing this) is incredibly dangerous. It's even worse if people think they're hedging (applying negative feedback to their portfolios) when they're doing nothing of the sort.
One of the things that fueled the crash in 1929 (whether it fueled the depression is another matter, but it's hard to see how it helped) was margin calls that led to what might be called a "death spiral". As the market dropped, people who bought stock on margin (with loans from their brokers) faced "margin calls" -- they had to pony up more cash because the value of the security was insufficient collateral for the loan. If they couldn't come up with the cash, they had to sell in order to raise the cash. The selling, of course, only drove prices down further, closing the feedback loop. Bad news. If the amount of the loans were less as a fraction of the value of the securities bought, there would be less risk of this because the market would have to fall further to trigger the margin calls that fueled the rout.
I think that Shiller himself is a victim of the exact irrational exuberance he claims to be concerned about. He's right to be concerned about the insanity of the high tech (particularly the internet) sector right now, but I'm afraid that he simply wants to drain the craziness into everything else. Allowing people to leverage their future income is potentially disastrous. What happens if their future income is insufficient to cover their bet? Or, for the bear, if their counterparty can't cover? Then even the supposed hedge turns out worthless, and even the bear loses. That, I think, is even more dangerous than the current high tech boom.
Call me a fuddy-duddy (at 36!), but I want to stay WELL away from that kind of nonsense.
There are, as I see it, two kinds of defensive patents. The more benign use is to prevent someone else from trying to patent the same thing. The nice thing about having a patent in that regard is that demonstrating prior art is very simple. Of course, filing that as a statutory patent is the most benign of all. Without that, though, you have to demonstrate a lot more: literature searches and all that. The patent office would be hard pressed to ignore a patent that it itself granted earlier.
The second use is basically "I won't stop anyone from doing this, unless they try to stop me from doing something else." Someone goes after you for infringing their patent? Fine -- but gee whiz, doesn't your frobnitz infringe mine too? Uh, gee, there's no sense in getting all tied up in court. We're even. Without that patent, there's not a whole lot of defense. Of course, since a patent is a patent, it can "mutate" into something less benign when management gets other ideas.
Then there's what Amazon tried to claim as "defensive" -- they're a small, weak company, and they need something to hold the big guys at bay. Somehow, that doesn't strike me as very defensive.
Truth be told, I haven't heard a lot about Microsoft going after other companies on patent violations. Maybe they have and I haven't heard about it, but they do generally seem more inclined to compete in the marketplace (even if it's a marketplace that they've rigged) than to play legal games.
The only problem I have with RMS's view of this (and why I tend to think of him as an Ivory Tower academic with little real-world experience) is the fact that as an academic, he is able to live in a middle-class environment without having to deal with the "real world" of corporations and putting food on the table except in the abstract.
RMS isn't an academic. The MIT AI lab still lets the FSF use some space (I think), but RMS isn't on the MIT payroll. I don't know if he draws a salary from the FSF, but it would be modest at best. He did get the McArthur fellowship grant a number of years ago, but he basically plowed the money back into the FSF.
He used to make money by consulting when he needed it. I don't know if he still does it. He doesn't live "middle class" beyond the fact that housing alone in the Boston area demands middle class resources for even a 1-bedroom apartment.
I've had a few run-ins with RMS myself. He's blunt and outspoken by nature, and it's easy to have disagreements with him. However, I'm not particularly ashamed to admit that he's been proven right over time much more often than not, and even if I didn't care for his style I'd be foolish to to ignore that fact.
If you read that interview carefully (and also pay attention to what goes on), you will note that he does not reflexively take the positions that one would expect. For example, when Corel decided to distribute their Linux beta only to people age 18 and up, he jumped in, all right -- squarely on the side of Corel (Corel is not obligated to distribute their Linux to anyone they don't want to, and they weren't restricting downstream distribution). I think he's actually quite careful and measured in what he says. I won't claim that he's diplomatic, just that he thinks carefully about what positions he takes and is very precise in his language.
I won't say that it's "fair" or not to have a low opinion of free software because of personal distaste for RMS, but I think it's very superficial to do so.
Just what you'd expect from a second-rate institution like that. All they do over there is play hockey; nobody actually has time to think.
For demonstrations of true virtuosity, one must travel to the downstream bank of the Charles. Dropping objects is perfectly legitimate technique for the novice, but in order to be worthwhile one must carefully measure and repeat the experiment in a public forum. Even Baker was capable of measuring the bruno, the unit of volume created by a piano falling from the roof, and this experiment was repeated for a number of years to determine the true value more precisely.
The attack it tries to protect against is where the attacker tries to feed very specific bad data to a running program. This data is actually code, with some stack hackery to force the executable to run the desired code. If libsafe prevents the necessary action from taking place (specifically, smashing the stack frame in the inappropriate fashion), then the attacker can never run the code in the first place.
Unsetting LD_PRELOAD won't affect a running executable even if it could be done by the attacker, which hopefully it can't do now anyway.
Libsafe is not designed to protect against someone who already has independent means of running an executable (although it might protect against someone who tries to crack a local setuid program, issues of forcing the LD_PRELOAD aside). Someone who has a shell can create their own executable anyway, and doesn't need a stack smash. It's intended to protect network daemons, where the attacker doesn't already have system access.
Grep's great for finding calls to gets that are basically unsafe under virtually any conditions. It can find calls to other dangerous functions (strcat, strcpy, sprintf for example) if you have the source handy, but it doesn't help you decide whether each call is dangerous or not. For example, strcpy is dangerous, but if the length of the string being copied is provably bounded, it may be quite safe.
I consider gets to be essentially unsafe in all circumstances because it relies upon good external behavior. I suppose one can always come up with a safe example -- a program pipes, forks, and the child rebinds stdin to the pipe -- but that's contrived. It would be nice to replace the substitute function for gets with one that aborts if gets (and probably also scanf) is ever called.
The real advantage of libsafe is that it catches problems that happen at runtime with calls that might otherwise be reasonable. It's a backstop. The fact that stack smashes still happen is clear evidence that grepping source isn't sufficient.
Slashdot Mirror
Oh, really? I would argue that it's the very pickiness of the Linux community that has gotten it as far as it has. There are also a lot of people who believe fervently that if Linux were to give up this "pickiness" it would mean losing the very thing -- guaranteed freedom -- that makes it so desirable in the first place.
Nobody's forbidden to release closed-source software for Linux. That doesn't mean that it particularly needs to be encouraged.
It's all well and good to talk about design, but it's impossible to know every contingency that will ever come up. It's also impossible to know a priori what will work well and what won't without real-world experience.
Try reading linux-kernel -- you might be surprised by how much stuff Linus rejects on the grounds of poor design. The kernel is definitely not hacked together, but it does have to evolve, and forcing it to maintain a fixed internal interface gets in the way of that. Maintaining a supported external interface, in combination with libc, seems to be the best compromise between stability and progress.
There are a number of reasons why Linus refuses to commit to a standard binary interface:
1) It commits the kernel to support something he doesn't believe the kernel should commit to, at least at this point. The kernel does provide a standard external user-space interface (at least in combination with libc). Kernel internals, however, are kernel internals, and he wants the freedom to be able to change kernel internals as needed to improve the kernel.
The kernel internal interface is not part of the POSIX definition, anyway, so there's no standard to worry about upholding.
2) Stability. Buggy user space code can crash an application, but it won't crash the system. Buggy code in the kernel -- driver or otherwise -- can crash, lock up, or corrupt the entire system. It can be very hard to trace down where the corruption comes from (I speak from moderate personal experience dealing with the kernel in various UNIX-type operating systems).
Encouraging a situation where people are at the mercy of third parties for their systems' stability is not something Linus (or anyone else) particularly cares to encourage.
Drivers don't have to be compiled into the kernel; modules work just fine for the purpose of runtime loading.
Many cars do have speed limiters. The Chrysler 300M (without the sport package does). Apparently even the BMW M5 has a limiter, somewhere around 155 MPH. Those are both the highest performance cars produced by their respective manufacturers (avoiding issues of who really owns Chrysler, and the Dodge Viper).
Fine. How does someone even know who the copyright holder even is for something? How would they go about proving it to Napster? How about something that's in the public domain (and how does one prove it)? And what about something covered by, say, the GPL?
The burden of proof is on the copyright holder to determine that a violation occurred (in the US, at any rate). Period.
As the brief pointed out, once Napster is made aware of a specific account with a specific copyright violation, that account is terminated.
Hmm...Microsoft attempting to use the copyright on the spec of its Kerberos extension to control competition in the form of alternative implementations of said spec?
But Motif is logically no more part of the OS than Qt is. They're both UI toolkits that are not required for basic system operation.
This is the one thing that bothers me about the GPL in the current situation. The prevailing wisdom seems to be that it's OK for non-GPL software to be built on top of GPL software as long as the communication mechanism doesn't involve mapping the GPL software into the same address space as the non-GPL software. If it's done by dynamic loading a GPL library, though, the result is apparently considered a derivative work. In real world terms, this seems like a stretch. The line between use (which is not covered by the GPL) and incorporation/modification (which is) is now blurred, and is becoming more and more so with time, as runtime loading and such become more and more universal.
The Gimp itself doesn't support editing in CMYK. It does, however, support printing in CMYK, and 6 and 7 color printers (CcMmYyK). The development version of the print plugin (which I am project lead for) supports the latest Epson Stylus printers, including the Photo 870 and 1270, and produces print quality comparable to Windows (many people think that in certain ways the print quality is better, although the smoothness still has a ways to go).
See http://gimp-print.sourceforge.net for more information on this.
The CM-1 and CM-2 Connection Machines had the same basic idea. The CM-5 was a bit different -- it still had a front end, but the individual processors could be booted to run UNIX (SunOS), and in general were a bit more independent. The CM-1 and CM-2 were pure SIMD. This was actually quite a popular approach in the 1980's; there were lots of startups trying to do much the same thing, ultimately with even less success than Thinking Machines.
A lot of us who had been at TMC in the 1980's liked the CM-2 much more than the CM-5. Architecturally it was very clean. The CM-5 was a much more complicated machine.
This particular GPL violation really does sound like an innocent mistake. Two people assumed that the other one would deal with putting up the source code. As long as it gets fixed quickly, it's not an example of anything.
Regarding the EULA issue, the GPL is not a EULA in the same sense Microsoft's EULAs are. The GPL does not remove any rights that the end user would normally enjoy under copyright law. It strictly grants additional rights for the user who wishes to distribute the code.
Actually, the message is "you can't put anything on a publicly accessible web site that isn't supposed to be completely open." If you put it on a suitably protected (which we'll gloss over for now) secured site, it's quite another matter. If the message is interpreted as "we should actually think hard about what we put on the net before we do so" then it's certainly a good message.
Well, suppose the end user can't actually see the EULA? A Linux user unzips it (the most reasonable way to try to access it). How can he see the EULA to even know the terms?
"No part of this publication may be reproduced..." isn't a EULA any more than the GPL is. Copyright in general allows non-holders only very limited reproduction rights, and the statement at the beginning of the book doesn't forbid anything that copyright law already forbids. Likewise, the GPL grants strictly more rights than copyright law does.
If the book stated something like "the information contained herein may be used only for purpose X" or "this book may not be resold without written permission of the publisher", on the other hand, the situations would be more comparable. Part of US copyright law (the "first sale doctrine") allows someone who owns a legal copy the right to resell it and otherwise dispose of it. The INSTANCE of the book is entirely owned by the person who bought it. What isn't allowed is copying it, beyond certain points (e. g. excerpting short passages for review).
The problem here is that Microsoft is putting something on an open web site, offering it for download, and then claiming that use of the information contained in it is restricted (as opposed to merely stating that copying of the information is out).
I think that it's reasonable for Microsoft to ask that the actual copies posted to Slashdot be taken off. They do hold the copyright on the particular expression of the specs. On the other hand, asking that links be removed, or the fact that it can simply be unzipped, strikes me (who's not a lawyer) as ridiculous.
The original poster is correct -- by default all works are copyrighted by the author, who can choose to explicitly place them in the public domain.
The best way to handle any such situation is for both parties concerned to know exactly what's going on. You may well find your employer very understanding to your situation.
I'm working on my own GPL project (which is completely unrelated to my work). I discussed the situation with our corporate counsel, and with my manager, and nobody had a problem. Recently I was offered a piece of hardware on a sort of personal loan basis, so I asked my manager about it before accepting it (in case accepting something like that would be a problem). It was not a problem at all, and my manager appreciated my disclosing it to him.
It doesn't matter whether the project is something that could be of use to your employer or not. If it is useful, they may well be more cooperative, not less. If they do have a problem with it, it's better to know now than later.
The assignment isa paper form signed by both parties.
Well, it's not quite as simple as all that. If he's forced to cover his short position, he's just lost his insurance, at the most crucial point (when the market may be close to its peak).
That kind of insurance (although I'm having trouble visualizing the exact kind of instrument this would be) is useful in relatively stable times (when systemic risk is low) for protection against individual catastrophes (e. g. the doctor becoming disabled). For times when systemic risk is high (economic turmoil), though, things can get dicey. What happens if, for example, the counterparty can't pay off the transaction? I pay a premium for insurance coverage, and then the insurance companies suddenly find themselves facing more claims than they have resources to pay. Now what?
Well, insurance companies themselves can buy insurance. That's called "reinsurance". That's all well and good, but suppose things get so bad that the reinsurers go belly up?
Now we're really in the soup. At this point, something that's supposed to blunt (negative feedback) the harmful effects of a catastrophe is no longer doing so. In fact, the mass claims from this one systemic catastrophe weaken the insurance companies' ability to pay off unrelated claims, which causes ripple effects through the rest of the economy. Now we're in a positive feedback cycle.
The whole point is that in extreme circumstances, something that looks like protection may actually have the reverse effect if all of the effects are not carefully considered. This kind of thing is not intended to protect against individual misfortune in a stable economic climate, but rather a mass misfortune in a very unstable environment. The normal rules might not apply then.
(You'll note that I cast this in insurance terms, because that's really what it is, in theory. I have real trouble figuring out who would issue such a security. I suppose a group of doctors would get together and offer bonds with interest paid from future earnings. That would certainly enable doctors to lay off some risk, which is the whole idea. But that would surely be an extremely high risk security, what with moral hazard and all that. I think that this particular example of Shiller's is weird.)
On the one hand, Shiller claims that the markets are being driven more by emotion than by any reasonable measure, and that it can't last. I agree with that. When even the most solid high tech/high growth firms are trading at multiples of 100 (price/earnings) and well-established bricks and mortar retail chains that cannot realistically expect high growth at 40, something seems out of line. Traditionally, conservative companies have traded at 10-15, and growth companies more like 20-30.
I'm also concerned about a lot of other parallels with the late 1920's -- everyone's into playing the market, people talking about fundamental transformations of the economy, seemingly very low inflation in the price of material goods (as opposed to assets), increasing inequality, and such.
But then Shiller recommends more of the same medicine -- expansion of the financial markets, "to allow people to protect themselves against major economic risks." In an irrational boom, this would only add fuel to the fire. Yes, the doctor in Des Moines could take a short position in medical incomes and in Des Moines real estate (which amounts to shorting against the box, a conservative way of locking in a profit). But is that what the doctor would really do? I doubt it.
More likely, one of two things would happen:
1) The doctor would go long on both positions, as a way of leveraging his income.
2) Even if he shorted, the price of these securities would continue to rise in the short term, squeezing him (forcing him to cover his short position by buying the securities at a loss).
The net effect is that our hypothetical doctor is more exposed, not less exposed, to risk.
(There's also the little matter of what underlying assets these securities really represent. If they're merely trading instruments, with nothing backing them, then they're simply a form of betting and aren't hedging anything at all. Traditional options actually give the holder an option to purchase or sell a particular asset. Common stocks, while the connection is a bit more tenuous, do represent the ability of the issuing corporation to pay dividends, buy back its own stock, and otherwise benefit the shareholder. For this kind of scheme to work, a pool of doctors would have to pledge some fraction of their future income as ultimate payment on the security. That implies that they expect that income to be less than the price they write the option at. Uh huh.)
We've seen the trouble that even sophisticated corporations specializing in financial services have gotten themselves into with derivative securities. Other companies have gotten themselves into trouble because they think they're hedging against some risk, where in fact they're doing nothing of the sort. And Shiller expects individuals to do better? If people systematically make mistakes -- and part of "irrational exuberance" is that people are consistently taking an overly optimistic view -- then there's a lot of potential for, shall we say, adverse consequences when things turn. Positive feedback (leveraging is a way of accomplishing this) is incredibly dangerous. It's even worse if people think they're hedging (applying negative feedback to their portfolios) when they're doing nothing of the sort.
One of the things that fueled the crash in 1929 (whether it fueled the depression is another matter, but it's hard to see how it helped) was margin calls that led to what might be called a "death spiral". As the market dropped, people who bought stock on margin (with loans from their brokers) faced "margin calls" -- they had to pony up more cash because the value of the security was insufficient collateral for the loan. If they couldn't come up with the cash, they had to sell in order to raise the cash. The selling, of course, only drove prices down further, closing the feedback loop. Bad news. If the amount of the loans were less as a fraction of the value of the securities bought, there would be less risk of this because the market would have to fall further to trigger the margin calls that fueled the rout.
I think that Shiller himself is a victim of the exact irrational exuberance he claims to be concerned about. He's right to be concerned about the insanity of the high tech (particularly the internet) sector right now, but I'm afraid that he simply wants to drain the craziness into everything else. Allowing people to leverage their future income is potentially disastrous. What happens if their future income is insufficient to cover their bet? Or, for the bear, if their counterparty can't cover? Then even the supposed hedge turns out worthless, and even the bear loses. That, I think, is even more dangerous than the current high tech boom.
Call me a fuddy-duddy (at 36!), but I want to stay WELL away from that kind of nonsense.
There are, as I see it, two kinds of defensive patents. The more benign use is to prevent someone else from trying to patent the same thing. The nice thing about having a patent in that regard is that demonstrating prior art is very simple. Of course, filing that as a statutory patent is the most benign of all. Without that, though, you have to demonstrate a lot more: literature searches and all that. The patent office would be hard pressed to ignore a patent that it itself granted earlier.
The second use is basically "I won't stop anyone from doing this, unless they try to stop me from doing something else." Someone goes after you for infringing their patent? Fine -- but gee whiz, doesn't your frobnitz infringe mine too? Uh, gee, there's no sense in getting all tied up in court. We're even. Without that patent, there's not a whole lot of defense. Of course, since a patent is a patent, it can "mutate" into something less benign when management gets other ideas.
Then there's what Amazon tried to claim as "defensive" -- they're a small, weak company, and they need something to hold the big guys at bay. Somehow, that doesn't strike me as very defensive.
Truth be told, I haven't heard a lot about Microsoft going after other companies on patent violations. Maybe they have and I haven't heard about it, but they do generally seem more inclined to compete in the marketplace (even if it's a marketplace that they've rigged) than to play legal games.
RMS isn't an academic. The MIT AI lab still lets the FSF use some space (I think), but RMS isn't on the MIT payroll. I don't know if he draws a salary from the FSF, but it would be modest at best. He did get the McArthur fellowship grant a number of years ago, but he basically plowed the money back into the FSF.
He used to make money by consulting when he needed it. I don't know if he still does it. He doesn't live "middle class" beyond the fact that housing alone in the Boston area demands middle class resources for even a 1-bedroom apartment.
I've had a few run-ins with RMS myself. He's blunt and outspoken by nature, and it's easy to have disagreements with him. However, I'm not particularly ashamed to admit that he's been proven right over time much more often than not, and even if I didn't care for his style I'd be foolish to to ignore that fact.
If you read that interview carefully (and also pay attention to what goes on), you will note that he does not reflexively take the positions that one would expect. For example, when Corel decided to distribute their Linux beta only to people age 18 and up, he jumped in, all right -- squarely on the side of Corel (Corel is not obligated to distribute their Linux to anyone they don't want to, and they weren't restricting downstream distribution). I think he's actually quite careful and measured in what he says. I won't claim that he's diplomatic, just that he thinks carefully about what positions he takes and is very precise in his language.
I won't say that it's "fair" or not to have a low opinion of free software because of personal distaste for RMS, but I think it's very superficial to do so.
Just what you'd expect from a second-rate institution like that. All they do over there is play hockey; nobody actually has time to think.
For demonstrations of true virtuosity, one must travel to the downstream bank of the Charles. Dropping objects is perfectly legitimate technique for the novice, but in order to be worthwhile one must carefully measure and repeat the experiment in a public forum. Even Baker was capable of measuring the bruno, the unit of volume created by a piano falling from the roof, and this experiment was repeated for a number of years to determine the true value more precisely.
The attack it tries to protect against is where the attacker tries to feed very specific bad data to a running program. This data is actually code, with some stack hackery to force the executable to run the desired code. If libsafe prevents the necessary action from taking place (specifically, smashing the stack frame in the inappropriate fashion), then the attacker can never run the code in the first place.
Unsetting LD_PRELOAD won't affect a running executable even if it could be done by the attacker, which hopefully it can't do now anyway.
Libsafe is not designed to protect against someone who already has independent means of running an executable (although it might protect against someone who tries to crack a local setuid program, issues of forcing the LD_PRELOAD aside). Someone who has a shell can create their own executable anyway, and doesn't need a stack smash. It's intended to protect network daemons, where the attacker doesn't already have system access.
Grep's great for finding calls to gets that are basically unsafe under virtually any conditions. It can find calls to other dangerous functions (strcat, strcpy, sprintf for example) if you have the source handy, but it doesn't help you decide whether each call is dangerous or not. For example, strcpy is dangerous, but if the length of the string being copied is provably bounded, it may be quite safe.
I consider gets to be essentially unsafe in all circumstances because it relies upon good external behavior. I suppose one can always come up with a safe example -- a program pipes, forks, and the child rebinds stdin to the pipe -- but that's contrived. It would be nice to replace the substitute function for gets with one that aborts if gets (and probably also scanf) is ever called.
The real advantage of libsafe is that it catches problems that happen at runtime with calls that might otherwise be reasonable. It's a backstop. The fact that stack smashes still happen is clear evidence that grepping source isn't sufficient.