If Google is a thief, what, pray tell, is Microsoft?
Google has been a bit tricky, and it might have been nice had they been willing to put all of Android under GPL or similar copyleft, but from what I've read, they are complying with the letter of the law on the GPLed portions and how they are linked to code licensed incompatibly.
That design patents have become law and can be abused the way Apple is abusing them does not put Apple in the right.
Theoretically, the design patents can be challenged. There isn't much case law on it yet, however. It would be nice if Samsung could demonstrate the stupidity of the design patent law with this case, but I don't know how or where the next step of repealing the design patent law in the EU could get started.
There may be reasons for asking for NDAs to discuss public things in the context of a suit, but this is clearly extortion, like the schoolyard bully threatening to punch you if you don't promise not to breath a word about it anywhere but in the principal's office.
In some decades this sort of gaming the system has been "normal". In some decades, it has been called what it is and disallowed. It has never been ethical.
The source code must be disclosed and claimed in the patent, and it must be the basis for the claim and the limit of the claim. And the claims must be limited by the language, compiler, libraries, runtime, etc., of the implementations they have running and reasonably bug-free.
That should be a lot easier to figure out than what we have: copyright is correct for software and patent is not.
We can see what Apple is attacking Samsung with. There are no NDAs preventing anyone from even seeing those trash design patents unless they sign. Completely different ballgame.
And, if the design patents turn out to be hard enough to fight, I don't expect Samsung to hold ground there, either.
We are spectators to a poker game, trying to guess what the players are holding. You base your guess on the bets being placed, and I'll place mine by what's in the discard pile. And by how much money I see going under the table from Microsoft to the dealer.
Because Microsoft can drag them through the court system, and the possibility of an incorrect decision by the courts is significantly larger than zero at multiple points in the game.
If Microsoft will issue the license for less than what Samsung expects defending the suit itself to cost, the license seems cheaper.
Eventually, the customer gets sick of all of this and realizes we got along without all these gadgets okay before and gives the finger to the lot of them. Because it turns out that the gadget without the freedom to use it is more trouble than it's worth. But these big companies know they can take us for quite a ride until then.
Everything is information. Everything is Mathematics.
Okay, prove it. Give me a mathematical model that can accurately model the lightswitch in my wall. Down to the time of failure. Not the MTBF, the time of this switch's failure.
If you could give me a model that accurately predicted the failure of this switch, use that model to actually turn the light in my room on and off.
Without a CPU or programmable logic implementing the model and controlling some sort of transponder.
To some mathematicians, mathematics is everything. Some wannabee mathematicians invert the relationship and claim everything is mathematics. I see two errors of logic in that.
If you want to patent the math, patent the source code, and accept the limits on what that will buy you.
I guess I've read his comments differenty than you.
The way I see it, he wants a quick startup now, and he wants to study the real stuff, explicitly including the cli, later. That's why I made the comments about openbsd -- as something to do later. And you can't deny that openbsd is a good way to learn who to work things from the cli.
Yeah, there are differences between the several BSDs and the several Linux distros, but the differences are instructive. (BTW, I don't recall having suggested openbsd for security purposes in this article. I do remember having mentioned it in connection with learning the cli.)
Hobby project? 2500 users, whether that's 2500 users who will be using it every day or 2500 users that may use it once a month or less, is not a hobby project. 2500 may not be 25000, but it's still enough users to attract attention from people interested in using the server for their own purposes.
Ten users is a hobby project. That's also a good number to target while he's bringing up the system prototype, which he should do on one box, before he brings up the production system on another.
I'm not talking paranoia. If I were talking paranoia, I'd be suggesting openbsd on custom firewalls and separate servers for each function, at minimum.
But with 2500 users, he does need a dev function and a backup function, and he does need to put a security plan in place, and webmin is not a security plan.
Once he has experience, maybe he can wing it, but not while he's trying to find his way around.
Your anecdotes? Maybe you've been lucky. Maybe you only think you have been lucky. I have no way to know which from here.
Maybe you've been using webmin long enough to get away with what you are bragging about. The current version of webmin may be securable if you know what you are doing. But if you don't realize you are bragging, that's a problem, too.
Uhm, using your own certs can cover some problems, but it doesn't address the primary issues.
I don't want to be too obnoxious, but you do have a schedule to go back and check all those servers you have deployed periodically, right? Some sort of canary or tripwire in place, checksums of some sort on the executables exposed to the web, etc.?
But it never hurts to let the people over "there" (wherever there is) know that people over here (wherever here is) are aware of their dependence on things that are fundamentally not dependable.
You missed the other times I posted because they were in other subthreads, and not in reply to your posts.
Gems? opinions are like armpits. Everyone has at least two, and they all smell but your own. You don't like my "gems", well, it's no sweat off my back. I wasn't talking to you.
But why do you think trojans in a LAMP server are no big deal? That assertion kind of dilutes your optimism, you know.
I guess you didn't miss all of my posts if you saw my suggestion about openbsd. But you seem to have missed that in the post in which I was not joking, I was suggesting it as a way to study the command line when one has more time. Oh, well. Not helpful to you, I see. But I wasn't talking to you, so, whatever suits you there is fine by me.
But ssl is by no means equivalent to ssh. https and ssh are completely different beasts. https is particularly undermined by the clot of certificates, and all the add-ons that run in your browser. (I assume you weren't meaning that you should use lynx to access webmin?) And, did you notice the conversations recently about the way browsers are handling the block cipher initializations? ssh has no issues there.
Thus, if one really needs the hand-holding, webmin really should be open only to localhost.
If you are going to be as casual about trojans and differences in vulnerability levels as you indicate, please refrain from putiing more servers up on the open web.
bhcompy -- I'm kidding about openbsd as a real option at this point.
But when you get this project settled in a bit, take a look at it. Good place to practice CLI when you're ready, and learn basics about X11 when your ready for that. Fun times.
You might have missed this reply to my angst up a bit in a different sub-thread. Something to consider, the hidden assumptions and the defaults that tend not to match what you plan to do.
Anyway, do go to the effort of procuring a server to make your first messes in, separate from the production server. Maybe even arrange for a VM on your workstation, and disk space to hold the VM and what you do in it. If it's worth doing, it's worth doing at least that much. And don't let webmin lull you to sleep about the command line. (It's a real danger, despite best intentions now.)
Get an extra box for making your first mistakes in. Do not let all 2500 users play on your first efforts unless you are ready and they won't mind if you have to suddenly wipe the box and start from scratch because it is full of trojans and the like.
Keep backups of the data, preferably not on a drive permanently attached to either the production server or the dev/test/playground server.
And, just to emphasize what everyone is saying, go check out openbsd sometime. Don't fear the CLI, even if you choose to start with webmin telling you what it thinks your options should be. And, someone else pointed it out, but you want to keep webmin only accessible localhost. Even if you have to use the command line to set that up.
Slashdot Mirror
If Google is a thief, what, pray tell, is Microsoft?
Google has been a bit tricky, and it might have been nice had they been willing to put all of Android under GPL or similar copyleft, but from what I've read, they are complying with the letter of the law on the GPLed portions and how they are linked to code licensed incompatibly.
That design patents have become law and can be abused the way Apple is abusing them does not put Apple in the right.
Theoretically, the design patents can be challenged. There isn't much case law on it yet, however. It would be nice if Samsung could demonstrate the stupidity of the design patent law with this case, but I don't know how or where the next step of repealing the design patent law in the EU could get started.
Seriously screwed up when art becomes patentable.
Treating your customers right is in your best interests.
Design patents are some sort of "right thing"? Give me a break.
And if you're going to post such drivel, do us a favor and don't hide behind the AC.
You, but the patents on FAT should not have been held valid.
That was when I realized how broken the system had become.
What kind of argument is that?
People do it all the time.
There have been times and places where it would have been perfectly accurate to say, "People lynch colored people for being colored all the time."
(Well, being colored and being the competition in some affair of money or the heart, usually.)
Still want to defend the legality of the immoral based on mode of behavior?
There may be reasons for asking for NDAs to discuss public things in the context of a suit, but this is clearly extortion, like the schoolyard bully threatening to punch you if you don't promise not to breath a word about it anywhere but in the principal's office.
In some decades this sort of gaming the system has been "normal". In some decades, it has been called what it is and disallowed. It has never been ethical.
The source code must be disclosed and claimed in the patent, and it must be the basis for the claim and the limit of the claim. And the claims must be limited by the language, compiler, libraries, runtime, etc., of the implementations they have running and reasonably bug-free.
That should be a lot easier to figure out than what we have: copyright is correct for software and patent is not.
Apple and Microsoft present completely different cases. See comments by others, above, as to why.
And the patents that are supposedly infringed by Android are vaporpatents. How can you indemnify against vaporpatents?
We can see what Apple is attacking Samsung with. There are no NDAs preventing anyone from even seeing those trash design patents unless they sign. Completely different ballgame.
And, if the design patents turn out to be hard enough to fight, I don't expect Samsung to hold ground there, either.
We are spectators to a poker game, trying to guess what the players are holding. You base your guess on the bets being placed, and I'll place mine by what's in the discard pile. And by how much money I see going under the table from Microsoft to the dealer.
Is HTC standing up to some sort of attack by Apple?
Because Microsoft can drag them through the court system, and the possibility of an incorrect decision by the courts is significantly larger than zero at multiple points in the game.
If Microsoft will issue the license for less than what Samsung expects defending the suit itself to cost, the license seems cheaper.
Eventually, the customer gets sick of all of this and realizes we got along without all these gadgets okay before and gives the finger to the lot of them. Because it turns out that the gadget without the freedom to use it is more trouble than it's worth. But these big companies know they can take us for quite a ride until then.
Everything is information. Everything is Mathematics.
Okay, prove it. Give me a mathematical model that can accurately model the lightswitch in my wall. Down to the time of failure. Not the MTBF, the time of this switch's failure.
If you could give me a model that accurately predicted the failure of this switch, use that model to actually turn the light in my room on and off.
Without a CPU or programmable logic implementing the model and controlling some sort of transponder.
To some mathematicians, mathematics is everything. Some wannabee mathematicians invert the relationship and claim everything is mathematics. I see two errors of logic in that.
If you want to patent the math, patent the source code, and accept the limits on what that will buy you.
it was the Chief External Fud Officer, Florian what's-his-face.
I guess I've read his comments differenty than you.
The way I see it, he wants a quick startup now, and he wants to study the real stuff, explicitly including the cli, later. That's why I made the comments about openbsd -- as something to do later. And you can't deny that openbsd is a good way to learn who to work things from the cli.
Yeah, there are differences between the several BSDs and the several Linux distros, but the differences are instructive. (BTW, I don't recall having suggested openbsd for security purposes in this article. I do remember having mentioned it in connection with learning the cli.)
Hobby project? 2500 users, whether that's 2500 users who will be using it every day or 2500 users that may use it once a month or less, is not a hobby project. 2500 may not be 25000, but it's still enough users to attract attention from people interested in using the server for their own purposes.
Ten users is a hobby project. That's also a good number to target while he's bringing up the system prototype, which he should do on one box, before he brings up the production system on another.
I'm not talking paranoia. If I were talking paranoia, I'd be suggesting openbsd on custom firewalls and separate servers for each function, at minimum.
But with 2500 users, he does need a dev function and a backup function, and he does need to put a security plan in place, and webmin is not a security plan.
Once he has experience, maybe he can wing it, but not while he's trying to find his way around.
Your anecdotes? Maybe you've been lucky. Maybe you only think you have been lucky. I have no way to know which from here.
Maybe you've been using webmin long enough to get away with what you are bragging about. The current version of webmin may be securable if you know what you are doing. But if you don't realize you are bragging, that's a problem, too.
Uhm, using your own certs can cover some problems, but it doesn't address the primary issues.
I don't want to be too obnoxious, but you do have a schedule to go back and check all those servers you have deployed periodically, right? Some sort of canary or tripwire in place, checksums of some sort on the executables exposed to the web, etc.?
Money circulates under the table, as always.
But it never hurts to let the people over "there" (wherever there is) know that people over here (wherever here is) are aware of their dependence on things that are fundamentally not dependable.
(Are you under the power of gold^H^H^H^H power?)
You missed the other times I posted because they were in other subthreads, and not in reply to your posts.
Gems? opinions are like armpits. Everyone has at least two, and they all smell but your own. You don't like my "gems", well, it's no sweat off my back. I wasn't talking to you.
But why do you think trojans in a LAMP server are no big deal? That assertion kind of dilutes your optimism, you know.
I guess you didn't miss all of my posts if you saw my suggestion about openbsd. But you seem to have missed that in the post in which I was not joking, I was suggesting it as a way to study the command line when one has more time. Oh, well. Not helpful to you, I see. But I wasn't talking to you, so, whatever suits you there is fine by me.
But ssl is by no means equivalent to ssh. https and ssh are completely different beasts. https is particularly undermined by the clot of certificates, and all the add-ons that run in your browser. (I assume you weren't meaning that you should use lynx to access webmin?) And, did you notice the conversations recently about the way browsers are handling the block cipher initializations? ssh has no issues there.
Thus, if one really needs the hand-holding, webmin really should be open only to localhost.
If you are going to be as casual about trojans and differences in vulnerability levels as you indicate, please refrain from putiing more servers up on the open web.
heh.
bhcompy -- I'm kidding about openbsd as a real option at this point.
But when you get this project settled in a bit, take a look at it. Good place to practice CLI when you're ready, and learn basics about X11 when your ready for that. Fun times.
snapshot
then tar the the snapshot, not the live volume
Part of learning the CLI is learning how to use man pages, including the apropos (or man -k) command.
Another part is learning to search the web, but that's true of the GUI stuff, too.
Fedora is good for this if and only if one can deal with the 6 month system release cycle.
Used well, the cycle can help push the development of the site. But if you get under the wave, that cycle can get torrid.
I think you've probably pinpointed the source of her confusion.
Well, you've been warned.
You might have missed this reply to my angst up a bit in a different sub-thread. Something to consider, the hidden assumptions and the defaults that tend not to match what you plan to do.
Anyway, do go to the effort of procuring a server to make your first messes in, separate from the production server. Maybe even arrange for a VM on your workstation, and disk space to hold the VM and what you do in it. If it's worth doing, it's worth doing at least that much. And don't let webmin lull you to sleep about the command line. (It's a real danger, despite best intentions now.)
I'm going to say this one more time.
Get an extra box for making your first mistakes in. Do not let all 2500 users play on your first efforts unless you are ready and they won't mind if you have to suddenly wipe the box and start from scratch because it is full of trojans and the like.
Keep backups of the data, preferably not on a drive permanently attached to either the production server or the dev/test/playground server.
And, just to emphasize what everyone is saying, go check out openbsd sometime. Don't fear the CLI, even if you choose to start with webmin telling you what it thinks your options should be. And, someone else pointed it out, but you want to keep webmin only accessible localhost. Even if you have to use the command line to set that up.