Let's all say it in unison: accepting GPL code does not constitute a promise to do ANYTHING at all.
No, but *distributing* modified or derived GPL code does.
No, it doesn't. It simply isn't allowed *unless* you do something else. If you don't do that other thing, your distribution is infringing on the copyright of the author, and you may be hauled into court... which can tell you you're liable for damages and have to stop distributing the code.
If I claim 4 dependents on my tax return, and the IRS finds out that I have no children, what do they do... make me pay back the money (plus penalties) or make me adopt four kids?;-) (Ok, not the best analogy, but kinda a funny idea...)
I think what the grandparent post was asking is what if you are only copying a snippet of code from a GPL'd work... is it still considered a derivative of a GPL'd work?
Personally, I'd say not... after all, if you copied your implementation of a mergesort algorithm from a GPL'd program, why should that automatically make your code GPL'd?
Well, the great-grandparent was asking about fair use, which is a pretty specific provision of copyright law. If you use a very small amount of GPL'd code for a school assignment, you can probably distribute the product to your professor and classmates without violating the GPL. On the other hand, in this case, why would you distribute it without the code anyway? Usually instructors want to see that. Besides which, you might run afoul of your school's ethics policy, depending on how much code you borrowed.
My point was, I can't conceive of a "fair use" situation that wouldn't also comply with the GPL, so the question is somewhat moot. The problem is that a lot of people don't really know what fair use is... it's pretty tricky, though it can be boiled down into relatively simple rules you can print on a single sheet of paper (on a tri-fold brochure in a Kinko's POP display... which you then have to read aloud to people who insist that they can put a picture of Mickey Mouse on their store's flyer under "fair use.")
I fail to see the importance in the difference. Can I say that I'm not forced to pay taxes, but rather I choose to pay them? What exactly am I forced to do?
When it comes to law, you (the individual) are forced to do what you will go to jail for not doing. As for corporations, since you can't put them in jail, it gets a bit more tricky... but still, the government can garnish your wages if you don't pay your taxes. The government cannot (according to the article) release your proprietary code if you fail to comply with the GPL.
And you think some judge is going to know how to put a price on that?
No, that's why it's up to lawyers to bring in expert testimony, to give the judge a basis for his decision.
What basis are you going to use for salary? An oursourced Indian programmer?
Well, the H1-B visa program required establishing indexes of reasonable salaries for all kinds of jobs, including programmers. Maybe they could have someone from the California EDD testify... they've helped massively underpaid imported programmers collect on up to three years of back wages, resulting in some sizeable claims. (Randomly met a guy one day who worked for the EDD and did this for a living.)
Besides, we already know the cost in man-hours for OSS projects: $0.
No, that's the out-of-pocket cost for the labor. Time has value, even when it's not measured in money. Do you drive to work, or take the bus? Most folks, if they have the option, drive... and not because it's cheaper, but because it takes a lot less time. The amount more they're willing to spend to save time getting to work is how much that time is worth to them, even though they're not being paid for it. (Generally, those values do correlate with a person's salary, which isn't surprising... people who make more money tend to think their time is more valuable. And they have more money to spend on it.)
If you take time and effort away from the OS community, you steal from them the only currency they trade in.
So then whats the point of the advice if it is not legal advice? What is it worth?
It's an article you can hand to your idiot boss when he orders you to uninstall Linux and replace it with My First Windows from Fisher Price (aka WinXP), because he's afraid you'll have to give away all the code the company produces.
That's probably worth quite a bit to quite a number of people.
The essay referenced in this article directly contradicts Stallman's own statements, which actually advocate the use of the GPL to "pry" intellectual property away from institutions and businesses. In his essay, "What is Copyleft?", Stallman writes:
People who write free software often work for companies or universities that would do almost anything to get money. A programmer may want to contribute her changes to the community, but her employer may "see green" and insist on turning the changes into a commercial product.
When we explain to the employer that it is illegal to distribute the improved version except as free software, the employer usually decides to release it as free software rather than throw it away.[emphasis added]
So, this apologist for the FSF is apparently attempting to sweep its true intentions under the rug.
The quote you give doesn't in any way contradict what the article says. This quote merely says that, when companies perceive that software subject to the GPL can only be distributed in a certain way, they may choose to distribute it under those terms rather than not distributing it at all.
What the article says is that, if they (accidentally or on purpose) do distribute GPL code under a proprietary license in violation of the terms of the GPL, they cannot be forced to release their code.
The important difference is what people (or corporate entities) choose to do, vs. what they must do. The point that MS et. al try to make about the GPL is that you could lose the right to keep your code proprietary. This, Ms. Jones contends, is simply not true. That doesn't mean that the GPL isn't a way to leverage companies into releasing code that they'd rather keep proprietary, however... which is what Stallman advocates in your snippet.
But until the GPL is proven in court, all interpretations are just that, FUD.
I'd tend to disagree...
FUD is fear, uncertainty, and doubt. While there may be some uncertainty to all interpretations, if the intention of an article is to reduce fear and doubt, it seems that it would be more of an anti-FUD piece.
"Propaganda" may be the word you were looking for.
Is it okay to use and distribute a snippet of GPLed code if it's considered "fair use"? If so, can you ignore the GPL license since it would THEN be more restrictive than the current copyright law?
If you're distributing the code, you're not violating the GPL, since that's exactly what it requires you to do.
If you're distributing the complete compiled program without the code, you're probably not covered under fair use, since it usually only protects use of 'excerpts' or other carefully defined portions of works.
Maybe you can more clearly explain a situation where you would be in violation of the GPL, but protected under fair use?
Yes, but you cannot have a contract without agreement on both sides to do something.
Let's all say it in unison: accepting GPL code does not constitute a promise to do ANYTHING at all. The GPL allows you to do certain things you couldn't do with proprietary code someone handed you, but it requires nothing of you. In accepting the license, you don't agree to do anything. If you decide to redistribute the code, which you can only do because the license allows it, you have to comply with the terms of the license.
But it's the GPL, not Copyright Act that states the proprietary code needs to be released as GPLed open code. Why couldn't a judge order them to do that?
For all I know, a judge could order them to do that. But it seems unlikely, since the "losses" from the company having to release the code would probably be greater than the "losses" from the GPL code being used in an infringing manner.
Besides, what possible monatery damages could there be to the GPLed project? It's not that the offending company is taking away income from the open source community.
It's not? Hm... so if someone is using GPL code without complying with the terms of the license, and therefore not releasing their code along with their product, they're not causing any damage to the OS community? This assumes that the OS community doesn't benefit from people releasing their code under the GPL. I'd tend to think that it does, and furthermore that the amount of benefit can be quantified in the man-hours it takes to write and debug the code.
Most licenses grant you the right to use a work only if you pay for it, and grant no right to distribution unless you're actually an authorized reseller for the product and turning money over to the company that created it. To use GPL code, the price is not monetary: you contribute your code to the OS community. Just because the GPL doesn't extract a monetary price, however, doesn't mean that there is no material benefit to the licensor.
If anything, this article sounds like a bunch of reporters got pissed, because they weren't allowed into a closed door conference, and broke the rules to get an access badge
The original press release reported on/. (here) didn't mention that group of reporters at all, and this article doesn't actually discuss any link between the researchers and the reporters. I get the impression that the Washington Times thought the discussion of the pirate radio broadcast gave the story a little more color for those who find RFID boring.
Besides, would you feel just as fine about your security card at work if it flashed your personal details on a screen that can be read from 10 feet away, along with a queue of the last several people who walked in via that entrance? Is it enough for your boss to know that you just got back from lunch late, or should he know that you were at lunch with the same group of drinking buddies you always go with too?
Well how about just some way I can find my keys and television remote control.. That alone would make this technology the best thing since sliced silicon.
a group of reporters were pissed that they weren't invited to attend the conference.
And from the article, there's no indication that they're the same as the group of researchers who snuck in.
They disected a security card, and found (shock, horror) that it contained features designed to maintain security at said conference.
If that's what it was for, how come the security people couldn't tell them that? I'm glad you were able to get more info out of them than the researchers were.
Since this is the only dirt they managed to find, they spin it up into a sky-is-falling end-of-the-world privacy story.
The fact that they faked their way in so easily was the first bit of dirt they dug up. The fact that there were undisclosed monitoring devices in the badges was the next. The final blow was that they couldn't get any info from security about the monitoring, and basically that the conference violated at least three privacy laws in the current jurisdiction.
And that if this is how it goes in Switzerland, how will things go in Tunisia next year?
If you figure it's no biggie, maybe you're right. But then again, if we send a bunch of prime ministers and other politicos to all congregate in a single place, and then we put tags on them so that we know their comings and goings, and who is talking with whom, and then we don't have any apparent plan to purge that info at any point... how easy will it be for every terrorist in the world to strike against their least favorite government at next year's conference? This seems vaguely important to me.
Maybe the flamebait mod is from how you say things, not what you said...
But, anyway, to address what you actually said: "If you have 1,000,000 people testing 1 product over 1 year, they WILL find more flaws than 100 people testing the same product over 1 year!"
True. But there's an issue of diminishing returns. Also, there's two other factors with IE and Mozilla: (1) The people using it tend to have different skill sets... i.e. Mozilla users are more likely to have beyond basic computer knowledge; and (2) Mozilla has very accessible means for reporting bugs, while Microsoft may sue you if you go to the trouble of trying to tell them something is wrong with their product. (A quick search on microsoft.com for "report a bug" comes up with a Feature Request Form for Win XP Media Center, and the Windows Embedded Home Page. In the next section, you can actually report a bug for Visual FoxPro.
So, while there are a lot more monkeys pounding on IE, they don't have nearly as easy a time letting MS know what's wrong. And, they're still monkeys.
but if you have a company intranet that needs to have ActiveX scripts that modify certain files automatically...
...then you actually have a specific *need* for this feature. But generally speaking, is file modification a feature that web browsers (especially on personal systems) should be capable of *by default*?
You can always come up with reasons why you'd use the extremely insecure features of Windows and IE, but the fact remains that they are not things that any computer should do out of the box. Yet there are thousands, probably millions of computers that do exactly that, so that a company with an intranet that automatically updates files on your desktop via ActiveX doesn't have to set this up separately. And the irony is, they're the ones that have the technical savvy to do just that, while Joe Schmoe with his shiny new 'puter hasn't the foggiest notion how to deal with this.
Hm. I haven't tried as many permutations as you have, but in Windows 2000 Professional (and Win 98se for quite a while before I finally gave in and upgraded), Mozilla 1.4 (details: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624) Win32 release installer has never had any of those issues for me. I've also used 1.2.1 to great effect, but 1.3 was annoying... I can't quite remember why; I think I kept having to close it and restart it because it just wouldn't load pages after a while (like, a couple days or so). But that wasn't a/. thing, it was *everywhere*. And it totally went away with 1.4.
But leaving that part of the URL out of the address bar would solve the spoofing problem
Not to mention, it would be added security from over-the-shoulder password collectors.
I love using the user:pass@ftp.domain.tld shortcut (when I don't have a real FTP program available), but I never use this at a workstation in a public area or at a public terminal, because then my password is in cleartext in the location bar (and the history if I don't remember to clear it).
Well, the original article and a large percentage of the thread were, actually, since that's the big problem.
the point of this subthread is, as was said in the post a few levels up that you replied to, that:
...it also fools the status bar in IE. It fools it in mozilla too, but you see a nice little unprintable ascii char block after the URL.
So yes, the trick does fool Mozilla.
But what people keep saying is, it fools Mozilla in a pretty much irrelevant way. The status bar is not reliable anyway if you don't disable the ability for scripts to change it, and it's enabled in Mozilla (and every other browser) by default. So people not only don't look at the status bar as a way to determine what site a link goes to, they are not *instructed by techs, online stores, and MS security bulletins* to use this to check... whereas the location bar is the standard thing to tell people to check.
Because that POS hasn't been caught up with in terms of page compatibility yet.
Or, more to the point, there's a few sites that haven't caught up to the W3C standards.
But, when was the last time you tried it? I have to use IE at work and at school, but use nothing but Mozilla at home. There's only one site I ever use that I can't use Mozilla for... housecall.antivirus.com, and the only reason is because their stupid installer will only look for "Netscape" and won't install in the Mozilla folder. Which is an application compatibility issue, not a web page compatibility issue. (Of course, I can use Netscape if I really want to for that.) Oh, and the other day (11/28/2003 to be precise), I went to bedbathandbeyond.com and got a silly error that because I was using an old version of Netscape, I wouldn't be able to place secure orders... but I submitted that to their feedback, and two hours later got an only slightly canned response (either it was a really, really well-configured reply bot, or a real live person worked out what I was writing about) saying they'd send the info to their IT department. And today, after deleting all their cookies, I can't get the same message to come up.
Other than that, it's been a year or more since I've seen any issues that were more than trivial formatting problems, and even those are pretty rare (and due to extremely sloppy coding). Heck, the other day, I was having terrible trouble getting a website (I think it was terraserver, ironically enough) to work from school with IE, so I had to wait until I got home to use it on Mozilla.
Mozilla 0.9 still had some compatibility issues reminiscent of Netscape 4.7x. But it's been quite a while since it was such a bear to use. (And most of the time when I'm at school, I use NS 4.7x instead of IE, just because it makes me feel better... no, they don't have a more recent version of NS installed. Hey, I didn't make the decision, stop looking at me funny.)
Equally as difficult to charge family and friends for my help. If I did it for a living I would, but since I do not, it seems improper according to my upbringing.
If you do do it for a living, or *ever* have... absolutely charge family and friends. Come up with a discount scheme for them if you must, and barter is always acceptable... but if they're not willing to pay for it, they don't value you as *their* family and/or friend... they see you as a freebie.
My rate is $40/hour for everything... hardware, software, desktop publishing, grant writing, whatever. These days, I'm busy with school and work, so my only customer is my mom. She's never quibbled about price at all. In return, I charge her for the time it would have taken me to do whatever it was if we hadn't been chatting and getting off topic.
This makes bearable the 15th time I explain the difference between a web page and a browser, after she tells me "my Yahoo! isn't working." It's terrible when bright, well-educated people accept that computers are simply too hard for them for no good reason. (Actually, these days, I've gotten her up to troubleshooting her own DSL connection, but it was a long uphill battle.)
Type in "how to sharpern a knife" and you get cutlery stores not instructions.
Correction: type in "how to sharpen a knife" and *you* get cutlery stores. I get instructions.
Granted, several of those instructions are posted by cutlery stores, but the third hit was from gpvec.unl.edu, definitely not a cutlery store.
Of course, if it was an older search you were basing this on, maybe this is a sign that the November 21st update cited in the second article linked in the main post is doing its thing...
Well Conair *is* responsible, because they could have done something about it, for example, putting a curcuit breaker on the cord, which they do (that's what the square thing is that is on the end of the hair drier).
That circuit breaker does nothing to protect the hair dryer itself from damage if you drop it into a puddle of water.
Which is basically irrelevant, since the guy's iPod apparently works just fine... it just can't play songs downloaded from iTunes. Not exactly "broken," since he had the same functionality he had before he installed iTunes.
Or, maybe, if they see a lot of backlash coming on, they'll fix iTunes.
Them "fixing" it implies that it's broken. It's NOT.
Ever heard of the bleeding edge? If you buy new hardware when it first comes out, in spite of the fact that it didn't come out yet in the particular flavor you want, usually you expect to have to upgrade or to not get all the functionality you would have gotten if you'd waited. People who bought iPods that actually supported Windows in the first place are using iTunes just fine. Even some people who understand why the first-gen ones don't work right and who have reformatted theirs are able to make it work.
iTunes is *not broken.* It lacks a feature that XPlay and a few other third-party systems have. You can criticize Apple for not including the feature, maybe, if you want to... but acting like they somehow sinned against their customers is kinda ridiculous.
Funny, if this was a Microsoft product blowing up on an Apple machine, this would be decried as an insiduous attempt by MS to force you to move to Windows.
RTFT... people *are* decrying it as an insidious attempt to force people to move to Macs. Or at least to make them buy another iPod.
Slashdot Mirror
No, it doesn't. It simply isn't allowed *unless* you do something else. If you don't do that other thing, your distribution is infringing on the copyright of the author, and you may be hauled into court... which can tell you you're liable for damages and have to stop distributing the code.
If I claim 4 dependents on my tax return, and the IRS finds out that I have no children, what do they do... make me pay back the money (plus penalties) or make me adopt four kids?
I think what the grandparent post was asking is what if you are only copying a snippet of code from a GPL'd work... is it still considered a derivative of a GPL'd work?
Personally, I'd say not... after all, if you copied your implementation of a mergesort algorithm from a GPL'd program, why should that automatically make your code GPL'd?
Well, the great-grandparent was asking about fair use, which is a pretty specific provision of copyright law. If you use a very small amount of GPL'd code for a school assignment, you can probably distribute the product to your professor and classmates without violating the GPL. On the other hand, in this case, why would you distribute it without the code anyway? Usually instructors want to see that. Besides which, you might run afoul of your school's ethics policy, depending on how much code you borrowed.
My point was, I can't conceive of a "fair use" situation that wouldn't also comply with the GPL, so the question is somewhat moot. The problem is that a lot of people don't really know what fair use is... it's pretty tricky, though it can be boiled down into relatively simple rules you can print on a single sheet of paper (on a tri-fold brochure in a Kinko's POP display... which you then have to read aloud to people who insist that they can put a picture of Mickey Mouse on their store's flyer under "fair use.")
I fail to see the importance in the difference. Can I say that I'm not forced to pay taxes, but rather I choose to pay them? What exactly am I forced to do?
When it comes to law, you (the individual) are forced to do what you will go to jail for not doing. As for corporations, since you can't put them in jail, it gets a bit more tricky... but still, the government can garnish your wages if you don't pay your taxes. The government cannot (according to the article) release your proprietary code if you fail to comply with the GPL.
And you think some judge is going to know how to put a price on that?
No, that's why it's up to lawyers to bring in expert testimony, to give the judge a basis for his decision.
What basis are you going to use for salary? An oursourced Indian programmer?
Well, the H1-B visa program required establishing indexes of reasonable salaries for all kinds of jobs, including programmers. Maybe they could have someone from the California EDD testify... they've helped massively underpaid imported programmers collect on up to three years of back wages, resulting in some sizeable claims. (Randomly met a guy one day who worked for the EDD and did this for a living.)
Besides, we already know the cost in man-hours for OSS projects: $0.
No, that's the out-of-pocket cost for the labor. Time has value, even when it's not measured in money. Do you drive to work, or take the bus? Most folks, if they have the option, drive... and not because it's cheaper, but because it takes a lot less time. The amount more they're willing to spend to save time getting to work is how much that time is worth to them, even though they're not being paid for it. (Generally, those values do correlate with a person's salary, which isn't surprising... people who make more money tend to think their time is more valuable. And they have more money to spend on it.)
If you take time and effort away from the OS community, you steal from them the only currency they trade in.
So then whats the point of the advice if it is not legal advice? What is it worth?
It's an article you can hand to your idiot boss when he orders you to uninstall Linux and replace it with My First Windows from Fisher Price (aka WinXP), because he's afraid you'll have to give away all the code the company produces.
That's probably worth quite a bit to quite a number of people.
The quote you give doesn't in any way contradict what the article says. This quote merely says that, when companies perceive that software subject to the GPL can only be distributed in a certain way, they may choose to distribute it under those terms rather than not distributing it at all.
What the article says is that, if they (accidentally or on purpose) do distribute GPL code under a proprietary license in violation of the terms of the GPL, they cannot be forced to release their code.
The important difference is what people (or corporate entities) choose to do, vs. what they must do. The point that MS et. al try to make about the GPL is that you could lose the right to keep your code proprietary. This, Ms. Jones contends, is simply not true. That doesn't mean that the GPL isn't a way to leverage companies into releasing code that they'd rather keep proprietary, however... which is what Stallman advocates in your snippet.
But until the GPL is proven in court, all interpretations are just that, FUD.
I'd tend to disagree...
FUD is fear, uncertainty, and doubt. While there may be some uncertainty to all interpretations, if the intention of an article is to reduce fear and doubt, it seems that it would be more of an anti-FUD piece.
"Propaganda" may be the word you were looking for.
Is it okay to use and distribute a snippet of GPLed code if it's considered "fair use"? If so, can you ignore the GPL license since it would THEN be more restrictive than the current copyright law?
If you're distributing the code, you're not violating the GPL, since that's exactly what it requires you to do.
If you're distributing the complete compiled program without the code, you're probably not covered under fair use, since it usually only protects use of 'excerpts' or other carefully defined portions of works.
Maybe you can more clearly explain a situation where you would be in violation of the GPL, but protected under fair use?
You can have a contract with no signatures.
e.g. a verbal contract.
Yes, but you cannot have a contract without agreement on both sides to do something.
Let's all say it in unison: accepting GPL code does not constitute a promise to do ANYTHING at all. The GPL allows you to do certain things you couldn't do with proprietary code someone handed you, but it requires nothing of you. In accepting the license, you don't agree to do anything. If you decide to redistribute the code, which you can only do because the license allows it, you have to comply with the terms of the license.
But it's the GPL, not Copyright Act that states the proprietary code needs to be released as GPLed open code. Why couldn't a judge order them to do that?
For all I know, a judge could order them to do that. But it seems unlikely, since the "losses" from the company having to release the code would probably be greater than the "losses" from the GPL code being used in an infringing manner.
Besides, what possible monatery damages could there be to the GPLed project? It's not that the offending company is taking away income from the open source community.
It's not? Hm... so if someone is using GPL code without complying with the terms of the license, and therefore not releasing their code along with their product, they're not causing any damage to the OS community? This assumes that the OS community doesn't benefit from people releasing their code under the GPL. I'd tend to think that it does, and furthermore that the amount of benefit can be quantified in the man-hours it takes to write and debug the code.
Most licenses grant you the right to use a work only if you pay for it, and grant no right to distribution unless you're actually an authorized reseller for the product and turning money over to the company that created it. To use GPL code, the price is not monetary: you contribute your code to the OS community. Just because the GPL doesn't extract a monetary price, however, doesn't mean that there is no material benefit to the licensor.
If anything, this article sounds like a bunch of reporters got pissed, because they weren't allowed into a closed door conference, and broke the rules to get an access badge
/. (here) didn't mention that group of reporters at all, and this article doesn't actually discuss any link between the researchers and the reporters. I get the impression that the Washington Times thought the discussion of the pirate radio broadcast gave the story a little more color for those who find RFID boring.
The original press release reported on
Besides, would you feel just as fine about your security card at work if it flashed your personal details on a screen that can be read from 10 feet away, along with a queue of the last several people who walked in via that entrance? Is it enough for your boss to know that you just got back from lunch late, or should he know that you were at lunch with the same group of drinking buddies you always go with too?
Well how about just some way I can find my keys and television remote control.. That alone would make this technology the best thing since sliced silicon.
Here you go.
a group of reporters were pissed that they weren't invited to attend the conference.
And from the article, there's no indication that they're the same as the group of researchers who snuck in.
They disected a security card, and found (shock, horror) that it contained features designed to maintain security at said conference.
If that's what it was for, how come the security people couldn't tell them that? I'm glad you were able to get more info out of them than the researchers were.
Since this is the only dirt they managed to find, they spin it up into a sky-is-falling end-of-the-world privacy story.
The fact that they faked their way in so easily was the first bit of dirt they dug up. The fact that there were undisclosed monitoring devices in the badges was the next. The final blow was that they couldn't get any info from security about the monitoring, and basically that the conference violated at least three privacy laws in the current jurisdiction.
And that if this is how it goes in Switzerland, how will things go in Tunisia next year?
If you figure it's no biggie, maybe you're right. But then again, if we send a bunch of prime ministers and other politicos to all congregate in a single place, and then we put tags on them so that we know their comings and goings, and who is talking with whom, and then we don't have any apparent plan to purge that info at any point... how easy will it be for every terrorist in the world to strike against their least favorite government at next year's conference? This seems vaguely important to me.
Maybe the flamebait mod is from how you say things, not what you said...
But, anyway, to address what you actually said: "If you have 1,000,000 people testing 1 product over 1 year, they WILL find more flaws than 100 people testing the same product over 1 year!"
True. But there's an issue of diminishing returns. Also, there's two other factors with IE and Mozilla: (1) The people using it tend to have different skill sets... i.e. Mozilla users are more likely to have beyond basic computer knowledge; and (2) Mozilla has very accessible means for reporting bugs, while Microsoft may sue you if you go to the trouble of trying to tell them something is wrong with their product. (A quick search on microsoft.com for "report a bug" comes up with a Feature Request Form for Win XP Media Center, and the Windows Embedded Home Page. In the next section, you can actually report a bug for Visual FoxPro.
So, while there are a lot more monkeys pounding on IE, they don't have nearly as easy a time letting MS know what's wrong. And, they're still monkeys.
but if you have a company intranet that needs to have ActiveX scripts that modify certain files automatically...
...then you actually have a specific *need* for this feature. But generally speaking, is file modification a feature that web browsers (especially on personal systems) should be capable of *by default*?
You can always come up with reasons why you'd use the extremely insecure features of Windows and IE, but the fact remains that they are not things that any computer should do out of the box. Yet there are thousands, probably millions of computers that do exactly that, so that a company with an intranet that automatically updates files on your desktop via ActiveX doesn't have to set this up separately. And the irony is, they're the ones that have the technical savvy to do just that, while Joe Schmoe with his shiny new 'puter hasn't the foggiest notion how to deal with this.
Hm. I haven't tried as many permutations as you have, but in Windows 2000 Professional (and Win 98se for quite a while before I finally gave in and upgraded), Mozilla 1.4 (details: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624) Win32 release installer has never had any of those issues for me. I've also used 1.2.1 to great effect, but 1.3 was annoying... I can't quite remember why; I think I kept having to close it and restart it because it just wouldn't load pages after a while (like, a couple days or so). But that wasn't a /. thing, it was *everywhere*. And it totally went away with 1.4.
But leaving that part of the URL out of the address bar would solve the spoofing problem
Not to mention, it would be added security from over-the-shoulder password collectors.
I love using the user:pass@ftp.domain.tld shortcut (when I don't have a real FTP program available), but I never use this at a workstation in a public area or at a public terminal, because then my password is in cleartext in the location bar (and the history if I don't remember to clear it).
Well, the original article and a large percentage of the thread were, actually, since that's the big problem.
the point of this subthread is, as was said in the post a few levels up that you replied to, that: So yes, the trick does fool Mozilla.
But what people keep saying is, it fools Mozilla in a pretty much irrelevant way. The status bar is not reliable anyway if you don't disable the ability for scripts to change it, and it's enabled in Mozilla (and every other browser) by default. So people not only don't look at the status bar as a way to determine what site a link goes to, they are not *instructed by techs, online stores, and MS security bulletins* to use this to check... whereas the location bar is the standard thing to tell people to check.
Mozilla 1.4 Win32 release doesn't have a problem with this; it shows the complete URL (and the status bar only says "Done").
Because that POS hasn't been caught up with in terms of page compatibility yet.
Or, more to the point, there's a few sites that haven't caught up to the W3C standards.
But, when was the last time you tried it? I have to use IE at work and at school, but use nothing but Mozilla at home. There's only one site I ever use that I can't use Mozilla for... housecall.antivirus.com, and the only reason is because their stupid installer will only look for "Netscape" and won't install in the Mozilla folder. Which is an application compatibility issue, not a web page compatibility issue. (Of course, I can use Netscape if I really want to for that.) Oh, and the other day (11/28/2003 to be precise), I went to bedbathandbeyond.com and got a silly error that because I was using an old version of Netscape, I wouldn't be able to place secure orders... but I submitted that to their feedback, and two hours later got an only slightly canned response (either it was a really, really well-configured reply bot, or a real live person worked out what I was writing about) saying they'd send the info to their IT department. And today, after deleting all their cookies, I can't get the same message to come up.
Other than that, it's been a year or more since I've seen any issues that were more than trivial formatting problems, and even those are pretty rare (and due to extremely sloppy coding). Heck, the other day, I was having terrible trouble getting a website (I think it was terraserver, ironically enough) to work from school with IE, so I had to wait until I got home to use it on Mozilla.
Mozilla 0.9 still had some compatibility issues reminiscent of Netscape 4.7x. But it's been quite a while since it was such a bear to use. (And most of the time when I'm at school, I use NS 4.7x instead of IE, just because it makes me feel better... no, they don't have a more recent version of NS installed. Hey, I didn't make the decision, stop looking at me funny.)
Equally as difficult to charge family and friends for my help. If I did it for a living I would, but since I do not, it seems improper according to my upbringing.
If you do do it for a living, or *ever* have... absolutely charge family and friends. Come up with a discount scheme for them if you must, and barter is always acceptable... but if they're not willing to pay for it, they don't value you as *their* family and/or friend... they see you as a freebie.
My rate is $40/hour for everything... hardware, software, desktop publishing, grant writing, whatever. These days, I'm busy with school and work, so my only customer is my mom. She's never quibbled about price at all. In return, I charge her for the time it would have taken me to do whatever it was if we hadn't been chatting and getting off topic.
This makes bearable the 15th time I explain the difference between a web page and a browser, after she tells me "my Yahoo! isn't working." It's terrible when bright, well-educated people accept that computers are simply too hard for them for no good reason. (Actually, these days, I've gotten her up to troubleshooting her own DSL connection, but it was a long uphill battle.)
Type in "how to sharpern a knife" and you get cutlery stores not instructions.
Correction: type in "how to sharpen a knife" and *you* get cutlery stores. I get instructions.
Granted, several of those instructions are posted by cutlery stores, but the third hit was from gpvec.unl.edu, definitely not a cutlery store.
Of course, if it was an older search you were basing this on, maybe this is a sign that the November 21st update cited in the second article linked in the main post is doing its thing...
Well Conair *is* responsible, because they could have done something about it, for example, putting a curcuit breaker on the cord, which they do (that's what the square thing is that is on the end of the hair drier).
That circuit breaker does nothing to protect the hair dryer itself from damage if you drop it into a puddle of water.
Which is basically irrelevant, since the guy's iPod apparently works just fine... it just can't play songs downloaded from iTunes. Not exactly "broken," since he had the same functionality he had before he installed iTunes.
Or, maybe, if they see a lot of backlash coming on, they'll fix iTunes.
Them "fixing" it implies that it's broken. It's NOT.
Ever heard of the bleeding edge? If you buy new hardware when it first comes out, in spite of the fact that it didn't come out yet in the particular flavor you want, usually you expect to have to upgrade or to not get all the functionality you would have gotten if you'd waited. People who bought iPods that actually supported Windows in the first place are using iTunes just fine. Even some people who understand why the first-gen ones don't work right and who have reformatted theirs are able to make it work.
iTunes is *not broken.* It lacks a feature that XPlay and a few other third-party systems have. You can criticize Apple for not including the feature, maybe, if you want to... but acting like they somehow sinned against their customers is kinda ridiculous.
Funny, if this was a Microsoft product blowing up on an Apple machine, this would be decried as an insiduous attempt by MS to force you to move to Windows.
RTFT... people *are* decrying it as an insidious attempt to force people to move to Macs. Or at least to make them buy another iPod.