In order to come into compliance, one thing you can do is stop shipping the product. You are then in compliance again.
And you are still in violation of the license. How do you handle the penalties for your existing violation?
Then, you re-write the pieces that were causing the problem, and you start shipping the product again with the newly re-written pieces.
And you still have not released the source that is mated to the version you've already shipped. Where is the source that goes with version 1.0? If you release version 2.0 with "cleaned-up" source code, you are still required to release sources for version 1.0, as well as atone for your prior violation with that version. Just because you complied at version v2.0 doesn't mean your violation with v1.0 goes away.
Sony tried this game with their version of the POSE FLOSS project. They would release v1.0 in binary, then release 2.0 binaries, with v1.0 source code, and so on. Always keeping the source 1 release behind. They were in direct violation of the letter and spirit of the GPL license.
Now, if you happen to be able to re-write those pieces so that you can stop/start shipping on the same day, well, that's ok too, you are still in compliance.
You are assumed to be in compliance with the GPL for version 2.0 of your product, but you are still in violation of version 1.0 of your product. What do you do for all of the units already out in the hands of consumers?
Each unit is now subject to US Copyright violation penalties, which vary from $20k to $200k per-unit (look it up). If you shipped 1,000 units, that's a $20M penalty at the low end of that scale.
Read the license - it's in there.
It sure is, and you've misinterpreted it very nicely.
I see this quite a lot... companies admitting their guilt, and then releasing "cleaned up" source code that complies with the license(s) in question.
The problem is that "cleaned-up" source code creates a different set of binaries, for which source code must also be released.
They need to release the SAME source code that was used to create the binaries which they've already released and distributed, not just "cleaned-up" code, which generates different binaries.
When you have digital data with DRM, you have the worst of both worlds essentially.
More-importantly, will this same title be available for reading in 200 years? 500 years?
We can still read books, manuscripts, poems and other written works written hundreds and thousands of years ago, BECAUSE they were analog, and not digital.
Will there be a Kindle available in 200 years with the appropriate DRM to decrypt the works and allow someone to continue to read them in 2207? I doubt it. (assuming we don't kill our planet off by then, of course;)
Wind might always blow at very high altitudes - but solar works only during the day.
Incorrect. Commercially-available solar panels are only able to capture one spectrum of the light available, however... there are panels which can capture five levels of the light spectrum, at much greater efficiency than the presently available panels.
This means you can capture power at night (infrared), from ambient light (streetlamps), reflected light and so on.
These newer panels are obviously much more expensive than regular panels, but the technology is evolving to lower that cost.
We're walk around all day, every day, while free money is raining down on us, and hardly anybody is collecting it. It's time someone made that obvious to people and started making it possible to do it at lower cost than before.
I've brought this up before... but it bears repeating.
Purchasing the DVD itself, offsets the cost of advertising.
This means, if I put down money in exchange for the product, I expect that I won't be forced to sit through the ads. We have pay-cable that is supposed to be ad-free. Is it? Not anymore. Paying the additional fee for Showtime, HBO, Cinemax and so on was supposed to be an enhanced, ad-free experience. Now all of those channels are full of garbage advertisements, cutting into the show's playing time.
In fact, I have a DVD of cartoons and such for my daughter, which doesn't even let me PAUSE or STOP the previews once they start playing. I can't fast-forward through them, I can't pause or stop them, and so my 3-year old daughter is forced to watch distracting, ADD-inducing advertisements for movies well outside her age range.
That particular DVD went right back to the store for a full refund (NOT a store credit).
What was my other option? Rip the DVD and take out the advertisements, and burn it back to another disc. I already paid for it. It belonged to me. I can do with it, what I wish. I don't need my daughter developing any sort of "brand loyalty" or ADHD at her age, just so she can watch her favorite cartoon while we travel.
We're all getting used to seeing these annoying ads in the lower-right corner of our favorite television shows now. First they were static images showing what was coming next. Then they were animated. Then they got LARGER. Now they have sound, bleeding right over the top of the show you're watching. Now they ads stay in the corner throughout the ENTIRE SHOW.
What am I paying a cable bill for, if I'm still forced to watch the advertisements DURING my show? We're not talking about commercial breaks here. At least projects like MythTV are smart enough to programmatically remove the advertisements and commercials, leaving just the intended watching experience left on the drive.
The point is, if you can't price your product accordingly to remove ads entirely for the customer, then your business model is wrong, or your pricing is wrong. Fix those, don't force more advertising down our throats. It's getting out of hand now.
If the force-feeding of advertisements continues, I know I'll be joined by a few million of my friends who will simply stop supporting those products and terminate our cable television services, as well as return any and all products that force ads on us without the choice to skip or remove them.
Someone should re-educate the German government (and other governments who try this), that encryption is meant for a purpose... to prevent unauthorized individuals from intercepting the communications protected by the encryption. Let me re-state that in a simpler way:
If the German government is not the sender, or the intended recipient, they do not have any right to see, hear or intercept the information. Period.
If they can't decrypt the encrypted data stream, then the encryption is doing its job. That's the point.
If the encryption can be decrypted, then it is no longer encryption, and should be rewritten to properly secure the information again, locking out unauthorized access.
I have a Treo 680 and have had the Treo 650 before that, and I can guarantee that neither of these handsets, through their service at Cingular ("Single-Bar") and AT&T have this "loud" feature.
I regularly accidentally call 9-1-1 on my phone, because their stupid handsets automatically go into a mode when the keypad is locked that presents you with two options: "Ok" (after entering your unlock password) and "Make Emergency Call".
When my bluetooth headset is in my pocket, it regularly hits the "Make Emergency Call" button, and the 9-1-1 operator is subject to whatever noises are present, muffled through my pants pocket. Sometimes they call back or leave messages telling me that I've accidentally dialed 9-1-1 on them.
But there is most-certainly NOT a loud tone, chip, alarm or otherwise, when I dial them, accidentally or otherwise.
Remind me again why we seceded from England? Oh yes, that's right, I remember now.
These people would atax AIR if they could find a way to meter it.
I'm willing to bet that when everything is outsourced out of the state, jobs, computer repair shops shut down (and stop paying their property and business taxes, FAR higher revenue streams than taxing the programming/support services they provide), these states might rethink their choices.
Or maybe not. We already know this country is on a slippery slope downward, why not grease the rails and speed it up.
What I think you meant to ask was "If I build a webservice with software that is licensed under the AGPL, do I have to distribute changes I make to that software".
The answer to that is YES.
I'm sure others have already replied, but... "The answer to that is NO."
You only have to redistribute any changes to the software if you have received software licensed under the APL. As an original author of software which is licensed under the APL, and not released to the public, I don't have to release the source.
Likewise, if I release v1.0 under the APL, and I'm using v2.0 on my public webserver as a webservice, I DO NOT have to release the source of those changes from 1.0 -> 2.0, until I release v2.0 as an update to v1.0's release cycle.
If I write a webservice, and license it under the APL, and use it publically somewhere, so people can contact my webservice, I DO NOT have to release the source code to that project.
I see the value of this, for "honest" contributors and companies who wish to contribute back, and ensure that those contributions are kept public and available, but... have we just opened another loophole in the licensing?
Let's say I write NeatNewWebService v0.1, and I release it under the APL. Now LoathingBastardCompany decides they like it (and I should note, something very similar has happened before).
LoathingBastardCompany takes the code, modifies it heavily inside their company, and begins using it, exposing it publicly to clients and customers.
How am I supposed to know that they're using it? How do I tell that my code is actually powering their web service? How can I enforce the APL, if there's no way to determine if it is indeed being used?
In a previous situation (see above), the company in question took our code, pulled out all of our names, ripped out the license file, changed a few About screens, and sold it to their customers and clients, at high costs. The only way we'd ever be able to gain access to the binary to debug it and find out that it was 100% our code, would be to pay that price to examine it. (In our case, they gave away our viewer code as demos to display their content (prepared with our distiller tools), so we found it easily).
But how does this happen when you're interacting with the APL code via a web service? And how do you do it, if that web service is in public, but closed usage?
...and so on. Barring that, they just ask a member of the FLOSS community to host it for them, gratis, in exchange for some mention on their website or other non-financial gratification.
I highly doubt the kids in this study are going to have the kind of problems people are predicting for them once they go to work, it's not like they're stupid. They merely have begun to use a more efficient form of communication, which offers more features they want, for their personal communication.
I hope they're learning both disciplines then, because most of Corporate America forbids internal IM (HUGE security breaches have happened by using IM inside the corporate LAN), and good luck finding internal "forums" for person-to-person communications inside the company network.
The world uses email, kids and facebook users, use IM.
This is actually a pretty good idea in my book (even though I don't use it). It cuts down on spam (it's harder to spam a profile than an E-Mail address) and offers features E-Mail doesn't have, and if you need something E-Mail can do you just fall back on it.
No searching
No offline reading (i.e. fetch and read/reply while on an airplane)
No way to save a post as a draft (see #2 above)
Can't easily use from a text/remote/shell interface (many use Javascript form validation)
Must load a browser to interact with it
Forums are great, but they're in no way in the same category as email. You're comparing the taste of an orange to the speed of a Porsche.
IM is fine. IM is great. But IM only works when both are connected and both have time to reply.
The antithesis to this for the current "gimme, gimme" IM generation, is that they treat email as IM. I hear this dozens of a times a month, where I'm on the phone with someone, they tell me they've sent me an email, and ask me if I received it yet.
No, because I get email once a day, and I prefer it that way, thanks. That email has a 5-day period to reach to me, before it gets dumped.
I don't really care to check my email 500 times a day. I prefer to get work done, and use email as a tool to achieve that goal.
Email is NOT IM, so please (to those who treat it as such), don't.
And lastly, I prefer my HTML on port 80, not port 25.
I strip out HTML from emails at the MTA anyway, so I don't see it. If there's some sort of valuable information conveyed in that HTML, then send me a link to a webpage, don't litter my Inbox with malware and other garbage.
Email is still king. I can use attachments... it is platform independent (which IM is most-definitely NOT), I can check it from hundreds of places, as well as my PDA, my laptop, an Internet kiosk, and so on.
Either you don't give out your address, meaning that you cannot make wide use of it, or you get too much spam.
Or you install dspam, and never have to worry about it again. I haven't seen a single spam in my Inbox IN OVER 3 YEARS now, nor have any of the users I host mail for.
Thousands of spam messages are blocked or quarantined every day, and I never see them, unless I decide to check the quarantine (which is web-based). I put graymilter in front of that, and the incoming malware connections on port 25 droppedsignificantly.
I have no problem sticking my public email addresses out anywhere, because I simply don't get spam anymore. Problem solved.
I could care less about my public mailing list messages, it's the other email that matters.
Is DHS going to really put me on a watch list because of my contributions to Project Gutenberg, Plucker, the core Mediawiki code or dozens of my other contributions? Not likely.
Are they going to put me on a watch list because of my political affiliations? My emails pointing out the egregious flaws in our administration? The methods people can use to personally protect themselves from an oppressive government? You bet. (I'm already on that list, no-doubt).
And if there are two standards, and users want secure email, they decide on the one with the broadest penetration... and that is GPG (i.e. works on all platforms, plugins for all clients, freely available, fully OSS, etc.)
If you don't want a cell phone active in your establishment, what you want is not a jammer, which is illegal, but a detector...
Not to give away a perfectly good, patentable idea, but let's take the Cellphone Detector one step further:
Have it send a text message to the phones to let them know to turn it off or on vibrate. The device will continue to send repeated messages, once per-minute, until the person switches off their phone. When the device detects no signal in that area, it stops sending SMS messages.
Alert the server (via proximity?), which customers have their phone still enabled (perhaps a low-range unit on each table, like the per-table jukeboxes?), so they can either ask the person to switch off their phone, put it on vibrate, or leave.
simpledog.com isn't even a real website or business operating anything dog related. It is yet another one of those fake, front-end search sites.
Those are called "MFA" sites, or "Made for Ads"/"Made for AdSense", and they exist solely to get people to click to get to them, then click links on them to get away from them.
Google is doing a lot to phase out MFA sites (push them WAY down in the SERPs, so they don't show up until page 10+).. and a new breed of MFA sites are emerging... MFA 2.0 those with REAL content, real useful content presented in a way that doesn't look like it is geared towards selling ads.
Here are two examples (I don't have any affiliation with either of these, but I am doing a research paper on the changes in "Online Marketing" over the years)
That was a reporter for Wired magazine Joshua Quittner, who, back in the early days of the net (1994), noticed that McDonalds had not registered McDonalds.com. So he himself registered it, contacted the company, and documented the whole thing, prior to giving the domain to McDonalds.
No problem... let them snoop. Now I'll just be twiddling the "Encrypt and sign all outgoing email" box on my MUA, and finally start using GPG full-time for all of my incoming and outgoing email, instead of with just my friends and close colleagues.
There are plugins for Evolution, pine, mutt, Thunderbird and just about every other Mail User Agent you can find out there.
Another great benefit, is that I can automatically block/quarantine/delete any and all email that does not contain a gpg-signed component (i.e. 99.999% of all email out there, mostly spam). dspam does an amazing job, but being able to just reject it at the MTA level would be great.
And for those that wish to converse with me, please make sure to use my GPG key to do so (also available here with detailed instructions).
Slashdot Mirror
It's not because of what they KNOW, it's because of what they DO NOT KNOW (i.e. malpractice insurance).
There's a reason they call it PRACTICING medicine, and PRACTICING law.
Not quite, see below.
And you are still in violation of the license. How do you handle the penalties for your existing violation?
And you still have not released the source that is mated to the version you've already shipped. Where is the source that goes with version 1.0? If you release version 2.0 with "cleaned-up" source code, you are still required to release sources for version 1.0, as well as atone for your prior violation with that version. Just because you complied at version v2.0 doesn't mean your violation with v1.0 goes away.
Sony tried this game with their version of the POSE FLOSS project. They would release v1.0 in binary, then release 2.0 binaries, with v1.0 source code, and so on. Always keeping the source 1 release behind. They were in direct violation of the letter and spirit of the GPL license.
You are assumed to be in compliance with the GPL for version 2.0 of your product, but you are still in violation of version 1.0 of your product. What do you do for all of the units already out in the hands of consumers?
Each unit is now subject to US Copyright violation penalties, which vary from $20k to $200k per-unit (look it up). If you shipped 1,000 units, that's a $20M penalty at the low end of that scale.
It sure is, and you've misinterpreted it very nicely.
I see this quite a lot... companies admitting their guilt, and then releasing "cleaned up" source code that complies with the license(s) in question.
The problem is that "cleaned-up" source code creates a different set of binaries, for which source code must also be released.
They need to release the SAME source code that was used to create the binaries which they've already released and distributed, not just "cleaned-up" code, which generates different binaries.
More-importantly, will this same title be available for reading in 200 years? 500 years?
We can still read books, manuscripts, poems and other written works written hundreds and thousands of years ago, BECAUSE they were analog, and not digital.
Will there be a Kindle available in 200 years with the appropriate DRM to decrypt the works and allow someone to continue to read them in 2207? I doubt it. (assuming we don't kill our planet off by then, of course ;)
Incorrect. Commercially-available solar panels are only able to capture one spectrum of the light available, however... there are panels which can capture five levels of the light spectrum, at much greater efficiency than the presently available panels.
This means you can capture power at night (infrared), from ambient light (streetlamps), reflected light and so on.
These newer panels are obviously much more expensive than regular panels, but the technology is evolving to lower that cost.
We're walk around all day, every day, while free money is raining down on us, and hardly anybody is collecting it. It's time someone made that obvious to people and started making it possible to do it at lower cost than before.
I've brought this up before... but it bears repeating.
Purchasing the DVD itself, offsets the cost of advertising.
This means, if I put down money in exchange for the product, I expect that I won't be forced to sit through the ads. We have pay-cable that is supposed to be ad-free. Is it? Not anymore. Paying the additional fee for Showtime, HBO, Cinemax and so on was supposed to be an enhanced, ad-free experience. Now all of those channels are full of garbage advertisements, cutting into the show's playing time.
In fact, I have a DVD of cartoons and such for my daughter, which doesn't even let me PAUSE or STOP the previews once they start playing. I can't fast-forward through them, I can't pause or stop them, and so my 3-year old daughter is forced to watch distracting, ADD-inducing advertisements for movies well outside her age range.
That particular DVD went right back to the store for a full refund (NOT a store credit).
What was my other option? Rip the DVD and take out the advertisements, and burn it back to another disc. I already paid for it. It belonged to me. I can do with it, what I wish. I don't need my daughter developing any sort of "brand loyalty" or ADHD at her age, just so she can watch her favorite cartoon while we travel.
We're all getting used to seeing these annoying ads in the lower-right corner of our favorite television shows now. First they were static images showing what was coming next. Then they were animated. Then they got LARGER. Now they have sound, bleeding right over the top of the show you're watching. Now they ads stay in the corner throughout the ENTIRE SHOW.
What am I paying a cable bill for, if I'm still forced to watch the advertisements DURING my show? We're not talking about commercial breaks here. At least projects like MythTV are smart enough to programmatically remove the advertisements and commercials, leaving just the intended watching experience left on the drive.
The point is, if you can't price your product accordingly to remove ads entirely for the customer, then your business model is wrong, or your pricing is wrong. Fix those, don't force more advertising down our throats. It's getting out of hand now.
If the force-feeding of advertisements continues, I know I'll be joined by a few million of my friends who will simply stop supporting those products and terminate our cable television services, as well as return any and all products that force ads on us without the choice to skip or remove them.
Let me ask you this: If tasers did not exist, would you have pulled your service firearm and fired in those same 3 instances?
HAHAHAhahAHAHHA... thanks for the great laugh on a Saturday morning.
Someone should re-educate the German government (and other governments who try this), that encryption is meant for a purpose... to prevent unauthorized individuals from intercepting the communications protected by the encryption. Let me re-state that in a simpler way:
If the German government is not the sender, or the intended recipient, they do not have any right to see, hear or intercept the information. Period.
If they can't decrypt the encrypted data stream, then the encryption is doing its job. That's the point.
If the encryption can be decrypted, then it is no longer encryption, and should be rewritten to properly secure the information again, locking out unauthorized access.
I have a Treo 680 and have had the Treo 650 before that, and I can guarantee that neither of these handsets, through their service at Cingular ("Single-Bar") and AT&T have this "loud" feature.
I regularly accidentally call 9-1-1 on my phone, because their stupid handsets automatically go into a mode when the keypad is locked that presents you with two options: "Ok" (after entering your unlock password) and "Make Emergency Call".
When my bluetooth headset is in my pocket, it regularly hits the "Make Emergency Call" button, and the 9-1-1 operator is subject to whatever noises are present, muffled through my pants pocket. Sometimes they call back or leave messages telling me that I've accidentally dialed 9-1-1 on them.
But there is most-certainly NOT a loud tone, chip, alarm or otherwise, when I dial them, accidentally or otherwise.
Remind me again why we seceded from England? Oh yes, that's right, I remember now.
These people would atax AIR if they could find a way to meter it.
I'm willing to bet that when everything is outsourced out of the state, jobs, computer repair shops shut down (and stop paying their property and business taxes, FAR higher revenue streams than taxing the programming/support services they provide), these states might rethink their choices.
Or maybe not. We already know this country is on a slippery slope downward, why not grease the rails and speed it up.
I'm sure others have already replied, but... "The answer to that is NO."
You only have to redistribute any changes to the software if you have received software licensed under the APL. As an original author of software which is licensed under the APL, and not released to the public, I don't have to release the source.
Likewise, if I release v1.0 under the APL, and I'm using v2.0 on my public webserver as a webservice, I DO NOT have to release the source of those changes from 1.0 -> 2.0, until I release v2.0 as an update to v1.0's release cycle.
If I write a webservice, and license it under the APL, and use it publically somewhere, so people can contact my webservice, I DO NOT have to release the source code to that project.
I see the value of this, for "honest" contributors and companies who wish to contribute back, and ensure that those contributions are kept public and available, but... have we just opened another loophole in the licensing?
Let's say I write NeatNewWebService v0.1, and I release it under the APL. Now LoathingBastardCompany decides they like it (and I should note, something very similar has happened before).
LoathingBastardCompany takes the code, modifies it heavily inside their company, and begins using it, exposing it publicly to clients and customers.
How am I supposed to know that they're using it? How do I tell that my code is actually powering their web service? How can I enforce the APL, if there's no way to determine if it is indeed being used?
In a previous situation (see above), the company in question took our code, pulled out all of our names, ripped out the license file, changed a few About screens, and sold it to their customers and clients, at high costs. The only way we'd ever be able to gain access to the binary to debug it and find out that it was 100% our code, would be to pay that price to examine it. (In our case, they gave away our viewer code as demos to display their content (prepared with our distiller tools), so we found it easily).
But how does this happen when you're interacting with the APL code via a web service? And how do you do it, if that web service is in public, but closed usage?
Then SmallNonprofitOrganization uses any of the hundreds of services out there to help them, like:
...and so on. Barring that, they just ask a member of the FLOSS community to host it for them, gratis, in exchange for some mention on their website or other non-financial gratification.
I hope they're learning both disciplines then, because most of Corporate America forbids internal IM (HUGE security breaches have happened by using IM inside the corporate LAN), and good luck finding internal "forums" for person-to-person communications inside the company network.
The world uses email, kids and facebook users, use IM.
Forums are great, but they're in no way in the same category as email. You're comparing the taste of an orange to the speed of a Porsche.
The antithesis to this for the current "gimme, gimme" IM generation, is that they treat email as IM. I hear this dozens of a times a month, where I'm on the phone with someone, they tell me they've sent me an email, and ask me if I received it yet.
No, because I get email once a day, and I prefer it that way, thanks. That email has a 5-day period to reach to me, before it gets dumped.
I don't really care to check my email 500 times a day. I prefer to get work done, and use email as a tool to achieve that goal.
Email is NOT IM, so please (to those who treat it as such), don't.
And lastly, I prefer my HTML on port 80, not port 25.
I strip out HTML from emails at the MTA anyway, so I don't see it. If there's some sort of valuable information conveyed in that HTML, then send me a link to a webpage, don't litter my Inbox with malware and other garbage.
Email is still king. I can use attachments... it is platform independent (which IM is most-definitely NOT), I can check it from hundreds of places, as well as my PDA, my laptop, an Internet kiosk, and so on.
Or you install dspam, and never have to worry about it again. I haven't seen a single spam in my Inbox IN OVER 3 YEARS now, nor have any of the users I host mail for.
Thousands of spam messages are blocked or quarantined every day, and I never see them, unless I decide to check the quarantine (which is web-based). I put graymilter in front of that, and the incoming malware connections on port 25 dropped significantly.
I have no problem sticking my public email addresses out anywhere, because I simply don't get spam anymore. Problem solved.
Where is this utopia you speak of? I wish to relocate there.
I could care less about my public mailing list messages, it's the other email that matters.
Is DHS going to really put me on a watch list because of my contributions to Project Gutenberg, Plucker, the core Mediawiki code or dozens of my other contributions? Not likely.
Are they going to put me on a watch list because of my political affiliations? My emails pointing out the egregious flaws in our administration? The methods people can use to personally protect themselves from an oppressive government? You bet. (I'm already on that list, no-doubt).
And if there are two standards, and users want secure email, they decide on the one with the broadest penetration... and that is GPG (i.e. works on all platforms, plugins for all clients, freely available, fully OSS, etc.)
Not to give away a perfectly good, patentable idea, but let's take the Cellphone Detector one step further:
Those are called "MFA" sites, or "Made for Ads"/"Made for AdSense", and they exist solely to get people to click to get to them, then click links on them to get away from them.
Google is doing a lot to phase out MFA sites (push them WAY down in the SERPs, so they don't show up until page 10+).. and a new breed of MFA sites are emerging... MFA 2.0 those with REAL content, real useful content presented in a way that doesn't look like it is geared towards selling ads.
Here are two examples (I don't have any affiliation with either of these, but I am doing a research paper on the changes in "Online Marketing" over the years)
[1] http://www.toolboxtales.com/
[2] http://www.diabetes-information.org/
Here's an MFA 1.0 site that seems to be after the same market as the toolboxtales MFA 2.0 site above:
[3] http://toolboxtips.com/
Interesting times, for sure.
Note he said mcdonalds. net , not .com.
No problem... let them snoop. Now I'll just be twiddling the "Encrypt and sign all outgoing email" box on my MUA, and finally start using GPG full-time for all of my incoming and outgoing email, instead of with just my friends and close colleagues.
There are plugins for Evolution, pine, mutt, Thunderbird and just about every other Mail User Agent you can find out there.
Another great benefit, is that I can automatically block/quarantine/delete any and all email that does not contain a gpg-signed component (i.e. 99.999% of all email out there, mostly spam). dspam does an amazing job, but being able to just reject it at the MTA level would be great.
And for those that wish to converse with me, please make sure to use my GPG key to do so (also available here with detailed instructions).
Nope, I meant what I typed.