Did you read his 'license'? He has limits on distribution the same way GPL limits the distribution.
GPL limits the distribution, in the sense that if you distribute it, you have to give the source code. AND YES THIS IS A LIMITIATION.
Bernstein's license is that you can't distribute it and changing the author's (his) original wish on how the software should work. That means you cqan't arbitrary change the code, or the location of where the software is installed, and distribute and still call it qmail/djbdns.
You can distribute binaries, AS LONG AS IT INSTALL EXACTLY LIKE IT WOULD IF THE USER COMPILED AND DID A MAKE INSTALL FROM PRISTINE SOURCES.
Heck, like the GPL, if you don't like it, you can always negotiate with the author the change the license terms.
If you want talk about true freedom, talk about the BSD license.
Following the same analogy, if Linux was run on all the servers that WindowsNT does, it would have problems too?
Does it mean that because OpenBSD is used less than Linux/Windows/whathaveyou, that is probably as bad as the more used?
djbdns was designed with security in mind, BIND was not, and neither is the new version (by the authors own admission). djbdns uses the KISS principle. BIND does not.
The author of djbdns has a reward out for his software. He is *that* confident in his work. Would you bet money on BIND?
What, you think only software under the GPL can be legally used?
Let see this page sets the limit for distribution, and this page has a discussion on Bernstein's thoughts on licenses.
Or if you are to lazy to go to the link of the last one, let me quote: What does all this mean for the free software world? Once you've legally downloaded a program, you can compile it. You can run it. You can modify it. You can distribute your patches for other people to use. If you think you need a license from the copyright holder, you've been bamboozled by Microsoft. As long as you're not distributing the software, you have nothing to worry about.
You presume that people here considers security to be important. What is the saying that someone keeps quoting? "Those who would exchange freedom for a little security deserves neither".
Let look at the track record of BIND.
1) explot every few months (followed by apologies like, "well, BIND has been out so long, it has to be secure NOW".
2) New BIND, where the authors seem to indicate that security was not part of the design critieria.
But you see, djbdns has the wrong license. It's not GPL. And people will rather be rooted than run a non-GPL software. Especially if running it would mean that one had to admit that there is actually a non-GPL software that is (Oh nooo) *better* than the GPL alternative.
If you want to see the same additude for another piece of "software", check out any discussion on Sendmail (same arguments, same security holes).
The real question is: Are artists harmed by this free flow of information?
Well, is anyone harmed if I take a GPL software and make it propriatery? The creator of the software still have access to his code. Only the changes I make, which are distributed in my CLOSED SOURCE software, is not open.
Being that you are for people going against the copyright owner's wishes, you, of course, are for this scenario also.
This is OpenSource, right? You're not my manager, right? If I want to spend my time writing the 101th mail client, it's my right to do it. Who are you to tell me where I'm supposed to spend my free time?
If you want to join and existing mail client dev. team, you are free to do so, but don't go around telling others what they should and shouldn't do.
Well, I don't know what 'we' want, but I wouldn't mind a new BMW Z8. I also want a 10 room mansion, but built in swimming pool. Oh, and a house up in Lake Tahoe for the summer (and winter). And Alicia Witt as girlfriend. And a vacation to Australia.
And if IBM is unable to get me these stuff? Well, they're being parasitic anyways.
as the mathematical impossibility of this is the basis for the RSA algorithm.
Factoring two primes, no matter how big, is not mathematically impossible. It's just really really hard. Encryption is based on the fact that it will take longer to break the encrypted message than the message being valid.
I know I haven't heard of it outside of this site, but I'm not that interested in compression format, so I don't go out of my way to search for this kind of information.
Or as some astute Slashdot reader wrote once, "Information is like manure, hoarding it just makes it smell bad", or something to that effect.
Remember in the immortal words of RMS: "Keeping information to yourself? You're just being immoral and parasitic".
And now, while you're thinking about how stupid you were for not sharing your information before, we will be celebrating the liberation of said information.
My understanding is that Network Solutions will be cretificate authority. Of course, they haven't implemented this yet, so DNSSEC is pretty useless at the moment.
But with IBM doing so much work for the linux community lately, maybe we'll get lucky and see a WPS on linux. One can only dream.
You can't really port WPS over without losing most of its power, or do significant changes to ext2. HPFS has built-in 'knowledge' of the file, which made much of the WPS stuff possible. Linux' magic files/mime.types is a poor approximation of the capabilities of hpfs.
Can you show me the server-side code release for their fancy little Update-Agent?
The GPL doesn't specify that you have to give the source to anyone who ask for it, only to those who you distribute your software to. So, you distribute a piece of software, you distribute the code too.
As far as we know, the server-side Update-Agent could be GPL, and RedHat would still have no obligation to give out the source code.
The original author point was "...thousands of people are hacking away at it daily. This caeses security problems to come to the surface very quickly", which is just a reiteration of ESR's statement that all bugs are shallow with enough eyeballs.
If this was true, the BIND and Sendmail should be the most bug free software out there since they have been around the longest. This is simply not true.
Also, zealots don't like qmail and djbdns because the author refuses to GPL the software, and those two packages also don't meet the Open Source definition.
If "[Open Source] caeses security problems to come to the surface very quickly", please explain why, after 20 years, Sendmail still have security bugs, and why BIND is considered the number 1 security risk?
And in case you try to argue that latest version of Sendmail is good, last bug was posted April 2000. Wanna bet that that will be the last security bug?
Slashdot Mirror
Did you read his 'license'? He has limits on distribution the same way GPL limits the distribution.
GPL limits the distribution, in the sense that if you distribute it, you have to give the source code. AND YES THIS IS A LIMITIATION.
Bernstein's license is that you can't distribute it and changing the author's (his) original wish on how the software should work. That means you cqan't arbitrary change the code, or the location of where the software is installed, and distribute and still call it qmail/djbdns.
You can distribute binaries, AS LONG AS IT INSTALL EXACTLY LIKE IT WOULD IF THE USER COMPILED AND DID A MAKE INSTALL FROM PRISTINE SOURCES.
Heck, like the GPL, if you don't like it, you can always negotiate with the author the change the license terms.
If you want talk about true freedom, talk about the BSD license.
Oh, did you read the quote I wrote?
You can change qmail or any application Bernstein writes to your heart's delight. Just don't distribute it and claim it is the original.
All software has bugs. OK. BIND has a trackrecord of having security related bugs.
Maybe we should be more forgiving to Microsoft security issues then?
Following the same analogy, if Linux was run on all the servers that WindowsNT does, it would have problems too?
Does it mean that because OpenBSD is used less than Linux/Windows/whathaveyou, that is probably as bad as the more used?
djbdns was designed with security in mind, BIND was not, and neither is the new version (by the authors own admission). djbdns uses the KISS principle. BIND does not.
The author of djbdns has a reward out for his software. He is *that* confident in his work. Would you bet money on BIND?
I've been using djbdns for almost a year now (while it was still called dnscache).
Note that djbdns is a suite of dns utilities that together gives the same functionality of BIND.
dnscache *only* do caching (great if you are on a dialup. Because, do you really need a fullblown dnsserver if you only what to do caching?).
tinydns *only* only server dns request (no caching).
If you want a dnsserver, you only need those two. They run in with their own userid, in chroot'ed into their own directories owned by them.
AND, it's a snap to set up (took my half a day to figure out everything).
Let see this page sets the limit for distribution, and this page has a discussion on Bernstein's thoughts on licenses.
Or if you are to lazy to go to the link of the last one, let me quote:
What does all this mean for the free software world? Once you've legally downloaded a program, you can compile it. You can run it. You can modify it. You can distribute your patches for other people to use. If you think you need a license from the copyright holder, you've been bamboozled by Microsoft. As long as you're not distributing the software, you have nothing to worry about.
Wanna try again?
You presume that people here considers security to be important. What is the saying that someone keeps quoting? "Those who would exchange freedom for a little security deserves neither".
Let look at the track record of BIND.
1) explot every few months (followed by apologies like, "well, BIND has been out so long, it has to be secure NOW".
2) New BIND, where the authors seem to indicate that security was not part of the design critieria.
But you see, djbdns has the wrong license. It's not GPL. And people will rather be rooted than run a non-GPL software. Especially if running it would mean that one had to admit that there is actually a non-GPL software that is (Oh nooo) *better* than the GPL alternative.
If you want to see the same additude for another piece of "software", check out any discussion on Sendmail (same arguments, same security holes).
Well, is anyone harmed if I take a GPL software and make it propriatery? The creator of the software still have access to his code. Only the changes I make, which are distributed in my CLOSED SOURCE software, is not open.
Being that you are for people going against the copyright owner's wishes, you, of course, are for this scenario also.
This is OpenSource, right? You're not my manager, right? If I want to spend my time writing the 101th mail client, it's my right to do it. Who are you to tell me where I'm supposed to spend my free time?
If you want to join and existing mail client dev. team, you are free to do so, but don't go around telling others what they should and shouldn't do.
Popular in Europe.
You forgot
- Who do you trust?
Well, I don't know what 'we' want, but I wouldn't mind a new BMW Z8. I also want a 10 room mansion, but built in swimming pool. Oh, and a house up in Lake Tahoe for the summer (and winter). And Alicia Witt as girlfriend. And a vacation to Australia.
And if IBM is unable to get me these stuff? Well, they're being parasitic anyways.
Isn't there a Shadow ship burried on Ganymede?
Come to think about it, isn't there one burried on Mars too? Maybe we should try to dig the one on Mars out first before the next big war.
Always wanted to fly a starfury.
as the mathematical impossibility of this is the basis for the RSA algorithm. Factoring two primes, no matter how big, is not mathematically impossible. It's just really really hard. Encryption is based on the fact that it will take longer to break the encrypted message than the message being valid.
Isn't that the same guy who showed up at the Microsoft Refund Day dressed up as a Jedi Knight?
It uses the code base from Win2000, it's just being focues on home users, i.e. probably has fewer enterprise functionality, like WMI, servers etc.
Does anybody but /. readers know about Ogg Vorbis?
I know I haven't heard of it outside of this site, but I'm not that interested in compression format, so I don't go out of my way to search for this kind of information.
Microsoft's stock went up because the company beat the marked's expectations for the last quarter.
I am amazed, I cannot understand the investors
Well, it would have helped if you had payed attention. The M$ stock had been up for a while before the news of the breakin got out.
Or as some astute Slashdot reader wrote once, "Information is like manure, hoarding it just makes it smell bad", or something to that effect.
Remember in the immortal words of RMS: "Keeping information to yourself? You're just being immoral and parasitic".
And now, while you're thinking about how stupid you were for not sharing your information before, we will be celebrating the liberation of said information.
Huzzah.
My understanding is that Network Solutions will be cretificate authority. Of course, they haven't implemented this yet, so DNSSEC is pretty useless at the moment.
But with IBM doing so much work for the linux community lately, maybe we'll get lucky and see a WPS on linux. One can only dream.
You can't really port WPS over without losing most of its power, or do significant changes to ext2. HPFS has built-in 'knowledge' of the file, which made much of the WPS stuff possible. Linux' magic files/mime.types is a poor approximation of the capabilities of hpfs.
Redhat has been critized for not following the standard. They have also been critized for following the standard.
Can you show me the server-side code release for their fancy little Update-Agent?
The GPL doesn't specify that you have to give the source to anyone who ask for it, only to those who you distribute your software to. So, you distribute a piece of software, you distribute the code too.
As far as we know, the server-side Update-Agent could be GPL, and RedHat would still have no obligation to give out the source code.
I use both qmail and djbdns at work and at home.
This really doesn't change my original statement.
The original author point was "...thousands of people are hacking away at it daily. This caeses security problems to come to the surface very quickly", which is just a reiteration of ESR's statement that all bugs are shallow with enough eyeballs.
If this was true, the BIND and Sendmail should be the most bug free software out there since they have been around the longest. This is simply not true.
Also, zealots don't like qmail and djbdns because the author refuses to GPL the software, and those two packages also don't meet the Open Source definition.
If "[Open Source] caeses security problems to come to the surface very quickly", please explain why, after 20 years, Sendmail still have security bugs, and why BIND is considered the number 1 security risk?
And in case you try to argue that latest version of Sendmail is good, last bug was posted April 2000. Wanna bet that that will be the last security bug?