Yeah no shit- he made a kernel, that's all- I respect what he did and all, but I do get kinda tired of the treatment of Linus as if he's some god.
As RMS had beaten in to our brains, "Linux" is *nothing* without a compiler toolchain and assorted userland tools.
And without XFree86, "Linux" remains a dinosaur.
My understanding is that Linus's kernel becoming the predominant "unix-like scheduling and memory-management core" to mate up with the GNU toolchain was just kinda a random fun accident.
Uhm- that wouldn't be useful at all- the absolute frame at time of disc pressing or vhs mastering or whatever doesn't translate to absolute frames of an encoded and digitized replication.
The methods I've seen discussed are simply just a bunch of dots here and there- you don't need to be very sophisticated.
> A derived work contains material that is covered by copyright taken from another work.
Well right, but we're specifically using that question, "Is it covered by copyright?" to decide whether it is derived or not. - A question can not be it's own answer.
> Imagine I take some numbers from a table in your book to make a graph to put in my book. In a colloquial sense you might say my work is derived from yours, but it is not a derived work in the legal sense, because all I took was information, which is not protected under copyright law." -- crispy_critters
"All I took was information?" Information is all there is for you, ever. There for you waiting to discover it.
> and besides, as has been pointed out elsewhere, revocation of the GPL will invalidate the license to distribute granted by it. therefore the infringing party is distribnuting without license.
Not true- I'm arguing that the definition of "derivative work" is of infinte proportions. Something that can be interpreted by both sides as being in compliance of the GPL- the lack of legal precedent is what allows this- the GPL never having been tested or refined- it is open to interpretation. Indoubtedly 2 companies soon will bring it to redemption, them each interpreting in what they thought were correct ways- and a judge deciding which is right.
> and in anycase, the nature of the derivation in question will be a decision made by a judge, with expert advice, IF it ever comes to that point.
Until that point comes, the GPL is potentially worthless.
There is *no* clear definition *anywhere* of what exactly a "derivative work" is.
Really- there's not- it's similar to the definition of "life".
Depending on your POV, you can see *all* works as somehow derivative, or *no* works derivative. Until there are concrete things like (just examples) "a function that replicates at least 70% of the mathematical operations in the same order will be considered derivative" or "rewriting code using different variable names while looking at original source code is not derivative" or "if more than 50% of an entire application'f functionality is identical to the original work, then the new work is considered derived"- the GPL will remain unenforcable except in repackage-and-distribute cases.
(I know those above definitions have lots of holes in them, but they're off the top of my head- and that's probably a good thing- it underscores the vastness of the problem) "what is an appliaction exactly?" "what exactly is source code?"
These are all very loose definitions...
Specifically in this case- lets say KISS used Mplayer's subtitle code but wrote everything else themselves. (merely a hypothetical) Is their player now a "derivative work"? I surely don't know- common sense would suggest "no"- since the subtitle stuff is just a very very small part of the entire "player application" functionality. But who knows?!?!?!? Surely not me!!!!!!! Nor anyone else!
Suppose KISS took the Mplayer subtitle code and "modified" it in to its own neat little file that represented the "modified mplayer code". Then they simply #include (or compile as a dll- its just semantics) that functionality. Then they release their "modified mplayer" (just the subtitle code) freely, as required by the GPL.
That stance seems decent to me- "we modified mplayer to provide subtitles to our proprietary movie player, here's the source to our modified mplayer"
It is just these kinds of things that, until ironed out, I'm afraid will be the death of the GPL...
You miss the point- that part of the GPL is very specific in it's wording:
"For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you"
I think it's safe to say that the Mplayer guys *know* that some of the stuff is patented. And I think it's also safe to say that they *know* that Mplayer ends up being used/distributed in the US.
I like Mplayer too, and they really are a large part of why Linux has become more usable on the desktop, but they *really* are on an ethical gray area here.
Legally I'm sure they're reasonably safe, and on the whole "ethic" I think they're safe as well, but to be pointing out some subtitle stuff in some random DVD player and getting all accusatory just leaves a bad taste in my mouth. (With their fairly obvious disregard for the GPL and US software patents)
I've used and liked FreeBSD since back in the 2.1.5 days. (~1994 IIRC)
Of all the reasons listed, it is the simplicity and order and coherency of everything that works for me. It's very standardized, and things just seem to be done in a way that "makes sense".
So- why not use it? There really is only one reason: bleeding-edge hardware support.
For server systems this is not an issue, but for desktops (particularly laptops) it raises its ugly head.
I will say that the 5.x series makes a lot of improvements in the "general laptop functionality" area, but even still- hardware support *does* lag behind Linux.
It is for that reason (and *only* that reason) that for my FOB P2040, FreeBSD (4.x at the time) just was not an option. Stuff like sound/tvout/suspend/spindown and IIRC even the particular USB controller wasn't supported. It's been a long time now but I remember installing it and just finding it unworkable at all on a machine that new at the time.
I don't understand- do you not believe me or something? At work I use both a Win2k and a FreeBSD machine- at home I run Linux on the laptop I'm typing this on right now. It's a Fujitsu P2040 with a Crusoe, so it's severely underpowered in some ways- as such Fluxbox is my "main" window manager. I stay current on both KDE and GNOME and switch between them routinely.
Admittedly I've never developed heavily under either platform, so my comments come more from a user-side. (tho I *am* pretty familiar with what the various structures in the framework are)
I dunno man- addressing your comments directly, AFAIK *nothing* uses GNOME-VFS yet (and I suspect it may die a horrid sudden death). And yeah, nothing uses GConf either (registry)- but really- those ideas are ahead of their time. Those things make sense in *huge* integrated environments- sure they seem unwieldy and unneeded now, but the principles they implement make sense. As for bonobo, I don't know what you're talking about.
KDE has some of the same structures, (of those specifically, DCOP acting like Bonobo), but it just all *seems* more hacked together in a mishmash sort of way- Like I said- I don't really see any *major* differences under the hood- the GNOME components just mentioned are (again) ahead of their time, and dont really contribute much at the moment- so things are basically in the same spot.
In reference to the customization of each- I'm not talking about minor stuff like text next to icons, or menu items- I'm talking about the entire way the desktop works- Menu at bottom, taskbar at bottom, quicklauch at top etc etc. IE: both Desktop Environments can be set up in the same logical working order, they're both flexible enough.
Anyway- I'm not trying to start desktop enviroment war I just hink that KDE is on its way out because of the Novell+Ximian+SUSE thing, and that it's a *good* thing- because those things that are *good* about KDE will now get put in to GNOME and the "Unified U*IX Desktop" will become a feasible reality:)
Don't give me that crap- I've extensively used both-
I don't think anything is particularly "killer" under KDE's hood contrasted to GNOME- and "default look" is a pretty weak measure of each package as a whole.
And I don't see how you can say they're "completely different"- each of them has a "default layout"- and each can be customized to act roughly equivalent to each other's default layouts- In my mind they're roughly equivalent in all areas, sure, KDE might do this and that better, and GNOME might do this and that better, but its all details.
My point is just that a HELL of a lot of effort has been put in to both, while I think that effort combined could have made something even better.
It just kills me how so much effort has been put in to these 2 desktop/application frameworks... when they essentially do the exact same things to the same levels of competency... I wonder where we would be today if they simply had cooperated..
> We give money away instead of taking tribute. That sounds like the opposite of imperialism to me. If we wanted the world we could have had it in 1945. Instead, we went back to our farms and our shops because the rest of the world isn't worth a corner of Nebraska.
> Jealousy is the reason they hate us. They think we could just cure all their problems if we wanted to, but the truth is they have to do it themselves. They have to reject the warlords and the priests get up and work 40-80 hours a week, 50 weeks a year like we do. They have to tolerate differences in religion, race, and politics without slaughtering each other like we do.
I can't say that our policies towards the rest of the world are very nice right now at all- but ya- you're right.
Sure the US has it's own agenda, but on the whole we've been very generous to the rest of the world- and I can't blame the US for taking the more-favorable of 2 sides in certain things.
"Dealing with an DDoS atack when your bandwidth is NOT eaten up is fairly simple. A quick and dirty script to read your firewall log(s) for incoming addresses that are trying the SYN attacks is fairly easy. Adding those IP addresses to a quick block list is also easy.
"Problem just goes away."
When you're talking about a simple SYN flood, these addresses can all be random spoofs anyway. There's no dependence on connection-setup or anything. All you need to do is get that first packet through and you can do that with spoofed IPs, so a block list is worthless- unless you just block everyone-
Yeah- block everyone, then the "problem just goes away"- Stick to law, Groklaw:)
Generally after you stabilize the filesystem/config- you then run snort from, and keep it's configs on, a read-only media. (this is not to make sure your logs dont get modified, it's to make sure that nobody can mess with teh IDS config to coverup the filesystem changes they made)
As others have said, remote logging takes care of that. I don't know why people keep bringing up the "dot-matrix printer"- I read that as well ~10 years ago when I was first getting in to security. I don't remember where, but it must have been somewhere, because everyone loves to talk about it- and it's always specifically "dot-matrix". Is it actually a feasible solution? No. Maybe back in the olden days of unix when you only had one box, sure- but today? Hell no. Unless you're doing remote-logging to one box, and then printing from there. When you setup a remote loghost, you have to be very careful about where it is. It needs to be in a fairly local location. Do you know anyone that rushes down to replace the paper in their log machine every week? Did they engineer some sort of endless-loop device with some scotch tape? Not likely- If you're accepting the minor additional risks that come with remote logging to begine with, then it's easy enough to lock that box down to the point where it is for all intents and purposes, impenetrable.
It is a *network* intrusion detection system. There's a big difference there. NIDS generally sniff packets and look for signatures of attacks. (on the *network*) A box level IDS keeps an eye on filesystems to see what has been modified, keeping its information in some more-secure place. (read-only media or something)
That makes no sense whatsoever- yeah you see some sort of numeric and scaling coincidences, but then you delve in to the illogical with "Thus it takes more clock cycles to initialise these resources and get them ready for use (ie. 'boot' them). The end result is boot times will be approximately constant (as observed)."
That's simply not true. It *would* be true if the "initialization" of every device and component was defined, and necessary, and never-changing- but it's simply not.
You appear to be looking only at memory? And then you assume that memory is tested on bootup today the same way it was in 1994? ???? Think a little bit...
The only reason the "Word of God" has stayed constant is because it can not ever be proven to be either "correct" or "incorrect".
Science is able to admit that it is wrong, and refine itself in order to provide a greater truth. The "Word of God" is static, refusing to even acknowledge that is may be in any way incorrect...
Right- this post seems to address this: http://theserverside.com/home/thread.jsp?th read_id =22337#101183
I can't see "copyright infringement" here because, as you say, it doesn't cover things like logical organization of objects and such. That's what patents are for:p
Anyway- legal or not, I personally see it as bad form to be doing such things without providing *some* sort of credit. Surely somewhere this exact issue has been addressed? With the creation of some standard language: "This code is an original work of (author), however portions of this code are were derived from logic, ideas, and arrangment present in (other code) authored by (other code author)"
Slashdot Mirror
Yeah no shit- he made a kernel, that's all- I respect what he did and all, but I do get kinda tired of the treatment of Linus as if he's some god.
As RMS had beaten in to our brains, "Linux" is *nothing* without a compiler toolchain and assorted userland tools.
And without XFree86, "Linux" remains a dinosaur.
My understanding is that Linus's kernel becoming the predominant "unix-like scheduling and memory-management core" to mate up with the GNU toolchain was just kinda a random fun accident.
Uhm- that wouldn't be useful at all- the absolute frame at time of disc pressing or vhs mastering or whatever doesn't translate to absolute frames of an encoded and digitized replication.
The methods I've seen discussed are simply just a bunch of dots here and there- you don't need to be very sophisticated.
> A derived work contains material that is covered by copyright taken from another work.
Well right, but we're specifically using that question, "Is it covered by copyright?" to decide whether it is derived or not.
-
A question can not be it's own answer.
> Imagine I take some numbers from a table in your book to make a graph to put in my book. In a colloquial sense you might say my work is derived from yours, but it is not a derived work in the legal sense, because all I took was information, which is not protected under copyright law."
-- crispy_critters
"All I took was information?"
Information is all there is for you, ever.
There for you waiting to discover it.
> and besides, as has been pointed out elsewhere, revocation of the GPL will invalidate the license to distribute granted by it. therefore the infringing party is distribnuting without license.
Not true- I'm arguing that the definition of "derivative work" is of infinte proportions.
Something that can be interpreted by both sides as being in compliance of the GPL- the lack of legal precedent is what allows this- the GPL never having been tested or refined- it is open to interpretation. Indoubtedly 2 companies soon will bring it to redemption, them each interpreting in what they thought were correct ways- and a judge deciding which is right.
> and in anycase, the nature of the derivation in question will be a decision made by a judge, with expert advice, IF it ever comes to that point.
Until that point comes, the GPL is potentially worthless.
Right- I doubt it as well- but the poster seemed to be dwelling on the fact that MPSub was "secret and not used anywhere" or something.
Let me tell you why- it's simple:
There is *no* clear definition *anywhere* of what exactly a "derivative work" is.
Really- there's not- it's similar to the definition of "life".
Depending on your POV, you can see *all* works as somehow derivative, or *no* works derivative.
Until there are concrete things like (just examples) "a function that replicates at least 70% of the mathematical operations in the same order will be considered derivative" or "rewriting code using different variable names while looking at original source code is not derivative" or "if more than 50% of an entire application'f functionality is identical to the original work, then the new work is considered derived"- the GPL will remain unenforcable except in repackage-and-distribute cases.
(I know those above definitions have lots of holes in them, but they're off the top of my head- and that's probably a good thing- it underscores the vastness of the problem)
"what is an appliaction exactly?"
"what exactly is source code?"
These are all very loose definitions...
Specifically in this case- lets say KISS used Mplayer's subtitle code but wrote everything else themselves.
(merely a hypothetical)
Is their player now a "derivative work"?
I surely don't know- common sense would suggest "no"- since the subtitle stuff is just a very very small part of the entire "player application" functionality.
But who knows?!?!?!?
Surely not me!!!!!!!
Nor anyone else!
Suppose KISS took the Mplayer subtitle code and "modified" it in to its own neat little file that represented the "modified mplayer code".
Then they simply #include (or compile as a dll- its just semantics) that functionality.
Then they release their "modified mplayer" (just the subtitle code) freely, as required by the GPL.
That stance seems decent to me- "we modified mplayer to provide subtitles to our proprietary movie player, here's the source to our modified mplayer"
It is just these kinds of things that, until ironed out, I'm afraid will be the death of the GPL...
You miss the point- that part of the GPL is very specific in it's wording:
"For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you"
I think it's safe to say that the Mplayer guys *know* that some of the stuff is patented.
And I think it's also safe to say that they *know* that Mplayer ends up being used/distributed in the US.
I like Mplayer too, and they really are a large part of why Linux has become more usable on the desktop, but they *really* are on an ethical gray area here.
Legally I'm sure they're reasonably safe, and on the whole "ethic" I think they're safe as well, but to be pointing out some subtitle stuff in some random DVD player and getting all accusatory just leaves a bad taste in my mouth. (With their fairly obvious disregard for the GPL and US software patents)
Or maybe they *chose to use Mplayer's MPsub format*???
Nothing wrong with that- algorithms and formats and such have to be *patented*.
Like- TCP is just a format, and not patented- but my code that implements the TCP format of network interaction is copyrighted.
I've used and liked FreeBSD since back in the 2.1.5 days. (~1994 IIRC)
Of all the reasons listed, it is the simplicity and order and coherency of everything that works for me. It's very standardized, and things just seem to be done in a way that "makes sense".
So- why not use it?
There really is only one reason: bleeding-edge hardware support.
For server systems this is not an issue, but for desktops (particularly laptops) it raises its ugly head.
I will say that the 5.x series makes a lot of improvements in the "general laptop functionality" area, but even still- hardware support *does* lag behind Linux.
It is for that reason (and *only* that reason) that for my FOB P2040, FreeBSD (4.x at the time) just was not an option. Stuff like sound/tvout/suspend/spindown and IIRC even the particular USB controller wasn't supported. It's been a long time now but I remember installing it and just finding it unworkable at all on a machine that new at the time.
Anyway- food for thought.
RedHat 6.2 was around 3+ years ago, FreeBSD 4.8 was certainly not.
If memory serves, 4.0 was around that time?
I don't understand- do you not believe me or something?
:)
At work I use both a Win2k and a FreeBSD machine- at home I run Linux on the laptop I'm typing this on right now. It's a Fujitsu P2040 with a Crusoe, so it's severely underpowered in some ways- as such Fluxbox is my "main" window manager. I stay current on both KDE and GNOME and switch between them routinely.
Admittedly I've never developed heavily under either platform, so my comments come more from a user-side. (tho I *am* pretty familiar with what the various structures in the framework are)
I dunno man- addressing your comments directly, AFAIK *nothing* uses GNOME-VFS yet (and I suspect it may die a horrid sudden death). And yeah, nothing uses GConf either (registry)- but really- those ideas are ahead of their time. Those things make sense in *huge* integrated environments- sure they seem unwieldy and unneeded now, but the principles they implement make sense. As for bonobo, I don't know what you're talking about.
KDE has some of the same structures, (of those specifically, DCOP acting like Bonobo), but it just all *seems* more hacked together in a mishmash sort of way-
Like I said- I don't really see any *major* differences under the hood- the GNOME components just mentioned are (again) ahead of their time, and dont really contribute much at the moment- so things are basically in the same spot.
In reference to the customization of each- I'm not talking about minor stuff like text next to icons, or menu items- I'm talking about the entire way the desktop works- Menu at bottom, taskbar at bottom, quicklauch at top etc etc.
IE: both Desktop Environments can be set up in the same logical working order, they're both flexible enough.
Anyway- I'm not trying to start desktop enviroment war I just hink that KDE is on its way out because of the Novell+Ximian+SUSE thing, and that it's a *good* thing- because those things that are *good* about KDE will now get put in to GNOME and the "Unified U*IX Desktop" will become a feasible reality
Don't give me that crap- I've extensively used both-
I don't think anything is particularly "killer" under KDE's hood contrasted to GNOME- and "default look" is a pretty weak measure of each package as a whole.
And I don't see how you can say they're "completely different"- each of them has a "default layout"- and each can be customized to act roughly equivalent to each other's default layouts-
In my mind they're roughly equivalent in all areas, sure, KDE might do this and that better, and GNOME might do this and that better, but its all details.
My point is just that a HELL of a lot of effort has been put in to both, while I think that effort combined could have made something even better.
Right- I mean more "a dominant desktop"-
It just kills me how so much effort has been put in to these 2 desktop/application frameworks... when they essentially do the exact same things to the same levels of competency... I wonder where we would be today if they simply had cooperated..
> We give money away instead of taking tribute. That sounds like the opposite of imperialism to me. If we wanted the world we could have had it in 1945. Instead, we went back to our farms and our shops because the rest of the world isn't worth a corner of Nebraska.
> Jealousy is the reason they hate us. They think we could just cure all their problems if we wanted to, but the truth is they have to do it themselves. They have to reject the warlords and the priests get up and work 40-80 hours a week, 50 weeks a year like we do. They have to tolerate differences in religion, race, and politics without slaughtering each other like we do.
I can't say that our policies towards the rest of the world are very nice right now at all- but ya- you're right.
Sure the US has it's own agenda, but on the whole we've been very generous to the rest of the world- and I can't blame the US for taking the more-favorable of 2 sides in certain things.
in such a small place...
God bless technology!
Yeah it's likely Flamebait but these are hard facts... and I see it this same way as well.
SUSE was a big part of why KDE was still around-
Relax, a unified common desktop is a good thing(tm)
You've got to be shitting me:
:)
"Dealing with an DDoS atack when your bandwidth is NOT eaten up is fairly simple. A quick and dirty script to read your firewall log(s) for incoming addresses that are trying the SYN attacks is fairly easy. Adding those IP addresses to a quick block list is also easy.
"Problem just goes away."
When you're talking about a simple SYN flood, these addresses can all be random spoofs anyway. There's no dependence on connection-setup or anything. All you need to do is get that first packet through and you can do that with spoofed IPs, so a block list is worthless- unless you just block everyone-
Yeah- block everyone, then the "problem just goes away"-
Stick to law, Groklaw
Generally after you stabilize the filesystem/config- you then run snort from, and keep it's configs on, a read-only media.
(this is not to make sure your logs dont get modified, it's to make sure that nobody can mess with teh IDS config to coverup the filesystem changes they made)
As others have said, remote logging takes care of that.
I don't know why people keep bringing up the "dot-matrix printer"- I read that as well ~10 years ago when I was first getting in to security.
I don't remember where, but it must have been somewhere, because everyone loves to talk about it- and it's always specifically "dot-matrix".
Is it actually a feasible solution? No. Maybe back in the olden days of unix when you only had one box, sure- but today?
Hell no.
Unless you're doing remote-logging to one box, and then printing from there.
When you setup a remote loghost, you have to be very careful about where it is.
It needs to be in a fairly local location. Do you know anyone that rushes down to replace the paper in their log machine every week?
Did they engineer some sort of endless-loop device with some scotch tape?
Not likely- If you're accepting the minor additional risks that come with remote logging to begine with, then it's easy enough to lock that box down to the point where it is for all intents and purposes, impenetrable.
It is a *network* intrusion detection system.
There's a big difference there.
NIDS generally sniff packets and look for signatures of attacks.
(on the *network*)
A box level IDS keeps an eye on filesystems to see what has been modified, keeping its information in some more-secure place. (read-only media or something)
Parent is not "insightful" in any way- go read some books or something...
IDS?
chroot?
read-only?
Does any of this mean anything to you?
There are a myriad of ways to make it *impossible* for a remote attacker to totally cover his tracks.
Uhm- yeah?
We're talking about a *kernel* exploit that requires local access!
Curious there's no mention of how the box was accessed in the first place...
What huh?
That makes no sense whatsoever- yeah you see some sort of numeric and scaling coincidences, but then you delve in to the illogical with "Thus it takes more clock cycles to initialise these resources and get them ready for use (ie. 'boot' them). The end result is boot times will be approximately constant (as observed)."
That's simply not true.
It *would* be true if the "initialization" of every device and component was defined, and necessary, and never-changing- but it's simply not.
You appear to be looking only at memory?
And then you assume that memory is tested on bootup today the same way it was in 1994?
????
Think a little bit...
The only reason the "Word of God" has stayed constant is because it can not ever be proven to be either "correct" or "incorrect".
Science is able to admit that it is wrong, and refine itself in order to provide a greater truth.
The "Word of God" is static, refusing to even acknowledge that is may be in any way incorrect...
Right- this post seems to address this:h read_id =22337#101183
:p
http://theserverside.com/home/thread.jsp?t
I can't see "copyright infringement" here because, as you say, it doesn't cover things like logical organization of objects and such.
That's what patents are for
Anyway- legal or not, I personally see it as bad form to be doing such things without providing *some* sort of credit.
Surely somewhere this exact issue has been addressed?
With the creation of some standard language:
"This code is an original work of (author), however portions of this code are were derived from logic, ideas, and arrangment present in (other code) authored by (other code author)"
This is the *Linux kernel*- arguably the most watched open codebase in existence-
And there's questions about whether this is the first time?
IMO the positive "peer review" aspect of open source just doesn't trickle down to smaller projects.
You've been able to do this for *years* with any learning remote control!