"The USA was the world leader in locking people up long before Ashcroft was Attorney General"
Tue enough, but it seems that our AG isn't contented enough with his current awesome power and ability to trample people's rights, and wants MORE! (Ala, indefinitely keeping inmates at Camp X-Ray without trial, or POW status?!) That should scare you.
"Perhaps we should look into the links between Comrade Clinton and the Communists?"
Or the "Burning Bush" and greedy, venal, consumer-rights bashing, capitalist pimps.
Mind you, that I didn't have much love loss for Wild Willie Clinton either.
RIPPING exists for me to enjoy my music that I PAID for in another form that that it was delivered on.
If you want to prevent copyright violations, then find those who are violating the law and prosecute them.
I guess I'm glad you're not creating the laws this country runs on... (Not that the ones we're getting these days are much better...)
As for your example, how about an IDEA that's illegal. Or basically PRIOR-RESTRAINT. We prevent you from any action that MIGHT, if taken to another step be illegal. I'm sure there are examples, but you've not used one yet.
Ripping music is much more directly related to music piracy than any of those stupid examples you gave anyway.
Obviously. Axe Murder doesn't have anything to do with ripping music... I do know what you MEANT though.
Did you know that the cold medicine pseudoephedrine is a primary ingredient in Meth Labs production? So should we outlaw pseudoephedrine? [Love cut and paste, I couldn't type that twice!]
So, by your logic, not being able to RIP should massively reduce piracy? I don't think so. It would also drastically reduce your CONSTITUTIONALLY guananteed use of "fair use."
Granting the ABILITY to do something is almost never a problem. Doing it might be another matter. The general rule of law in this country is "innocent until proven guilty." This extends to enabling items as well. We prosecute you for ACTS, not ideas. Ripping is the IDEA. Copyright infringement is the ACT.
You accept the law because it protects you as much as it limits you. Care to use an example? I'm sure you can come up with one. Not that I totally disagree, but how about some concrete examples we can sink our teeth into huh?
I believe that the courts have ruled that sharing music with friends (specifically tapes) does not violate copyright.
Thus even rip-burn-share or borrow-rip-burn probably doesn't violate the copyright either.
Unfortunatly, we have the best government money can buy. Double-unfortunatly, greedy corps did the buying. That means we get the screwin'. Forget about the government doing anything that might deprive big business from a huge revenue stream. "They provide jobs" they say. I've got news...so do pimps - our representatives should know better than most!
Your car is the first step in creating DRUNK DRIVERS!
Your lighter is the first step in creating ARSONISTS!
Your Axe is the first step in creating AXE MURDERERS!
Your Penis is the first step in creating RAPISTS _AND_ PEDOPHILES!
Lather, rinse repeat.
If we eliminated all "first step" items, you should just ask Herr Ashcroft to lock up the whole world, and put us all in straight-jackets.
I prefer to take action that use these TOOLS for bad purposes. (notice I sad bad, not illegal. Sometimes these are defininitely not the same.) Taking away the tools simply because some might abuse them is just plain stupid, unless of course, you prefer a totally "unfree" society.
Intelligent people usually learn what they do well, and what they don't.
Dick seems to not realize the fact that abusing people isn't correct - EVER!
If he can't handle support, please do something else. If Dick is a "friend" to OSS, we don't need enemies.
Just in case yo wondered, I do have to work with clueless users. I usually bite my tongue, grind my teeth, and then SMILE and try to be helpful. Anything else really doesn't help.
Explaination doesn't make it any more correct. Manners are what my/your mother should have taught you. Obviously, Dick either didn't have a mother, or one that didn't do her job. (Or was that a father?)
THIS IS A TOTAL CROCK! -perhaps that's too strong.
What I hear you saying is that people don't want software, they want is a lease, and that I buy service.
I _*DO*_ want to own my software. In fact, I strongly advocate that my clients OWN their software too.
If what you're saying is that clients don't want just software, they want a solution, I'd agree. If the software doesn't get the job done, I don't want it. It it does, I want to OWN it!
I have a several medical offices that I consult for. When we went looking for A/R & billing software, we found quite a few vendors that wanted to sell us a service. Thus, we don't own the software, we get charged a monthly fee, the vendor upgrades the system at their whim, and we are just along for the ride. (There was even a web based billing service...but I digress)
When I raised the fact, that I didn't want our systems upgraded at the vendor whim. (If it doesn't give us something we need, we get nothing beneficial, and risk bugs ranging from catestrophic to plain annoying. The response, "We test our software. We don't have bugs." [Sheesh]
When I raised the fact that we might reach some point that we couldn't stand each other, and wanted to go our own ways. "Were great people and a great orgainization, that'll never happen." [Double Sheesh!]
When I pointed out that the vendor could raise the price anytime they wanted, and I would be stuck. Thus I wanted the system to be OWNED by the client, and if need be, we'd just use the version we were using from now till eternity. The vendor looked at us blankly, and simply couldn't understand.
To put it simply, we didn't do business with them.
Again, if you're selling a solution, I'll buy, provided the solution actually works.
If you're selling s service, that I don't own, shove off!
I've never used smoothwall, and I haven't gotten any support, so I am giving "hearsay" here...
But, from what I gather, and I have done some searching, Dick (aka Richard Morrell) seems to have a few screws loose. From all accounts, he is cranky and sometimes more than downright nasty.
His product is FREE though, you should just don your asbestos suit should you go looking for support. (View a few IRC logs etc. to get a feel for how "Dick" seems to view newbies and/or non-paying customers.)
Frankly, I'd rather do some extra work myself, than deal with people who are unsociable.
That helps, but I personally don't think it's enough. It depends on the scope of the project and many other factors, but certainly on mid-size to larger projects, I think a more structured approach would yield better results.
How many bugs do you know about that were caused by us not using ASCII or TCP? NONE!
If the OS is designed right, the ability of other programs to interact with your program is very limited. DLL hell? In my opinion, that's an instabiltiy that comes from a poor OS design. Now, when an application falls into DLL hell, it probably wouldn't be fair to hold the application vendor responsible, but it sure as hell would be fair to at least see if MS could find adequate reasons for their approach.
A good design approach helps keep the landscape stable. Most programs are around for such short periods anyway, that the arguments you present are hardly issues at all.
If you think they are, how about using some realistic examples, rather than ASCII or TCP.
Did I miss something here? I didn't ever say ANYTHING about government regulation!
The only portion of my post that mentioned government was that software vendors want government to protect their copyright, but not subject themselves to a civil court for negligence in creating that same software.
They want part of government, but not the other. If you want copyright protection, then expect to also stand trial in civil court and defend yourself for shoddy software.
It is possibly for a program to be buggy, but secure.
Only by luck. Bugs will eventually lead to security holes. That's like saying "You can have accidents in your car without injuring anyone..." and then using this logic to claim that accidents aren't that big of a deal for injuring people.
I'm sorry, but that's a stupid approach. I'm not a manager. I DO know how to program - in fact, my first programming language was C. I'm not too bad, though I know what I excell at and what I don't. I'm mostly a security and networking guru.
You can take pot-shots all you like. The fact is that a wild-west approach to design, programming and QA won't get the job done right. Heavy handed, totally inflexible management PHB's won't either. There's a middle approach that will work. But I dare say that most projects I've been on and worked with took the wild-west approach much more often than the heavy management approach.
So, if I were asked to put effort into fixing the problem in general, I would focus on fixing the wild-west approach before anything else.
How about a market based approach. Eliminate the protections software gets from civil liability.
The market would then respond to additional costs from suits that prevail and cost the vendor lots of money. Investors would be wary of investing in companies that didn't have rigorous design, testing, and production methods. Etc. etc. etc.
The jury would decide the merits of the case. Primarily, did the vendor use due dilligence in producing the software.
Now, for all the libertarians. You'll all yell that government shouldn't be involved...Well, fine, software copyright just went out the window too. Software vendors want it both ways. They want full government protection of IP and copyright. But they don't want the legal system to be involved when they make crappy software.
Take one, expect to take the other. This situation, it seems to me, to be the great fraud of the twenty-first century.
What I think you and others like you misunderstand, is that the current system of not having good code is really expensive too.
The only reason we don't realize this, is that it's not tracked and properly accounted for. If it were, and the costs associated with "bad" code were added to the acquisition costs of "bad" software, we'd all of a sudden see that "bad" code is lots more expensive.
Where's it easier to fix a problem...Design, and do it once, or after you have 5-10 or even 100 million copies running around? Sure, it takes a while, and it's not cheap to do at design time, but it makes a whole lot more sense! Not to mention that if the source is closed, only the vendor can fix it. So, either you get NO fix, or the vendor who should have fixed it in the first place, does so, and forces you to spend the resources to fix all your copies.
As I said above, civil liability would help. A jury decides if the vendor used due dilligence to produce the code. If not, the resources should be recoverable from the vendor.
Cheers!
Re:We need more disciplines like this
on
Security Engineering
·
· Score: 3, Interesting
I don't know about the certification bit...perhaps it would be a kudo, but not a requirement...hmmm...
But I do agree with the engineering approach. (By the way, I'm not an engineer, but the much maligned Business School - Information Systems graduate)
Software design, and the structure over the programming/QA/design teams seems really weak to me. To get a good program (virtually bug-free and good security...realize that these are one and the same) the structure must be quite rigid. We can't all go off coding as we wish, and just throwing the design and QA portions together on the fly.
I know I mentioned it before, but Mark Minasi's "The Software Conspiracy" is a great book that lays out these principals in overall detail. Look at the references to find more concrete/detailed examples of structured coding and design.
If we ever expect to get decent software, and secure software, we must then take a more rigorous and structured approach to software creation and design. Until this gets done, we'll all be running around in FRONT of the 8 ball trying to patch things after the fact. I can attest that this approach is a loosing one - in any disipline. Security has to be built in up front. Writing good code, and having a very structured devlopment environment need to be carefully engineered.
If we built bridges the way we build software, about 30% of all bridges would catastrophically fail. Now, you'll say, "oh software isn't as important, or at least not most software." Well, sure, that's true. But I don't think the reason we build good bridges the first time is because it could kill someone - although it's probably one of the reasons. The most likely, is that REBUILDING bridges when they fail is very expensive. When that happens, we know who to blame, and the following costs are very apparent.
What happens in software, is the costs are not tracked and traced to their source. If they were, we'd all of a sudden realize that the cost of crappy software is HUGE! I don't recall the source, but I think the estimated cost of the NIMDA virus was like 2 Billion. Lets assume that the cost was over estimated by 100%, so the real cost was only 1 billion. We're talking about some real cash here. I don't know what Windows developemt costs were, but I'd bet for an extra billion, and some real care to fix the problem, we could have had a whole lot better software.
Now finally for the market based solution. Make vendors liable for the bugs and insecurity of their software The government doesn't have to mandate a standard. A jury decides if the software vendor used due dilligence in writing good code. All I'm asking is that the atrificial protections for software be lifted. Treat it like any other good. We wouldn't expect the same functionality or lack thereof for our lawn-mowers, toasters, cars, microwaves or even our Tivo's.
When vendors find that the real costs get shifted back to them, in the form of civil negligence suits, they'll get serious about fixing the problem. Until then, they'll laugh their way to the bank, and we (the techs) get to fix the problems over and over and over again. Not only that, but WE look bad, rather than the vendor.
I didn't follow this discussion originally, but I really like your description, and the clear concise way this was described.
I would assume that you are a lawyer? (I'm sorry for all those lawyer jokes... [grin])
Is this why the software makers want UCITA so bad? I would assume that the legality of EULA's are on VERY shaky grounds, having never been tested, and they know it. Knowing this, they want some REAL legal cover. Reply if you can.
The author(s) could also assign their rights, after the fact to the FSF or anyone else.
But this brings up another point. If you assign all your rights to the FSF, you wouldn't have the right to then sell your code to some commercial entity (sans any added GPL additions) because you wouldn't have any rights other than those granted under the GPL.
Would it be possible to grant just the GPL portion of your rights to the FSF, and retain the original rights, so you could take your original code private/commercial/closed. (I don't know much about assigning rights to the FSF, so it might be that this is how it works now, but I suspect not...)
This might make it unadviseable to assign rights to the FSF if you might want to exercise your right to close or commercialize your software. Again, I do understand that you couldn't take the resulting GPL code with other's changes and close it. But you could with the original.
A small complaint. I don't think that copyright violations should be called stealing or theft. It may be a violation of the license of copyright, but I disagree with calling it stealing.
Sorry if you disagree. I don't mean to mimimize the impact, but I do disagree with the term.
By the way, very good comments. I do like the "Death Penalty" analogy. I also the barter analogy. It seems as though many argue that the GPL doesn't put any restrictions on you, but it does. (Perhaps they don't like the word "restrictions" huh? [Grin]) Anyhow, thanks for the comments.
The FSF could provide legal counsel at minimal cost to ANYONE they desire. (Remember Paula Jones - she was represented free of charge by a highly partisan group, if I recall correctly)
You can't sue _George_ for injuring _me_. Only the injured party can *ACTUALLY* sue George. *BUT* you can help me pay for or provide legal council for me to sue George.
For the FSF to say they can't help is a crock. Perhaps they choose not to, or perhaps they don't have the funds, but they CAN help.
I think the point of not letting Nusphere fix the problems after the fact, come from the following delimma.
Do we let anyone release binary modifications, and only punish them after they get caught?
The GPL becomes mostly toothless, if you can abuse as much as you like, but when you get caught, you "quick, release the source..."
So, the point can be made that Nusphere, it seems needed to be "taught a lesson" and used to make an example.
I don't know that I agree with the result, I don't really know enough about the case. But I'm sure that this is something to think about.
It's more about obeying the spirit of the law, rather than the technical license of the law. The GPL can't be too loose on enforcement, otherwise everyone will learn that you can fudge, but fix it if and when you get caught and think it might cost you...
There are TWO ditches on the road, one on each side.
If you're in the left ditch, you're not going anywhere.
If you're in the right ditch, you're not going anyhere.
Being in the ditch sucks, and if you choose to go there voluntarily I'm quite sure your IQ isn't so good.
Being a whacko leftist is just as stupid as a whacko rightie.
Politicans want us in either ditch, so we're not a threat to them. It's the ones of us ripping down the center of road that endanger the o'possom politician lumbering across.
Do you want to be stuck stiing in the ditch for the possom to piss on, or do you want to make some road-kill and get something done?
Slashdot Mirror
"The USA was the world leader in locking people up long before Ashcroft was Attorney General"
Tue enough, but it seems that our AG isn't contented enough with his current awesome power and ability to trample people's rights, and wants MORE! (Ala, indefinitely keeping inmates at Camp X-Ray without trial, or POW status?!) That should scare you.
"Perhaps we should look into the links between Comrade Clinton and the Communists?"
Or the "Burning Bush" and greedy, venal, consumer-rights bashing, capitalist pimps.
Mind you, that I didn't have much love loss for Wild Willie Clinton either.
RIPPING exists for me to enjoy my music that I PAID for in another form that that it was delivered on.
If you want to prevent copyright violations, then find those who are violating the law and prosecute them.
I guess I'm glad you're not creating the laws this country runs on... (Not that the ones we're getting these days are much better...)
As for your example, how about an IDEA that's illegal. Or basically PRIOR-RESTRAINT. We prevent you from any action that MIGHT, if taken to another step be illegal. I'm sure there are examples, but you've not used one yet.
Cheers!
Ripping music is much more directly related to music piracy than any of those stupid examples you gave anyway.
Obviously. Axe Murder doesn't have anything to do with ripping music... I do know what you MEANT though.
Did you know that the cold medicine pseudoephedrine is a primary ingredient in Meth Labs production? So should we outlaw pseudoephedrine? [Love cut and paste, I couldn't type that twice!]
So, by your logic, not being able to RIP should massively reduce piracy? I don't think so. It would also drastically reduce your CONSTITUTIONALLY guananteed use of "fair use."
Granting the ABILITY to do something is almost never a problem. Doing it might be another matter. The general rule of law in this country is "innocent until proven guilty." This extends to enabling items as well. We prosecute you for ACTS, not ideas. Ripping is the IDEA. Copyright infringement is the ACT.
You accept the law because it protects you as much as it limits you. Care to use an example? I'm sure you can come up with one. Not that I totally disagree, but how about some concrete examples we can sink our teeth into huh?
Cheers!
I believe that the courts have ruled that sharing music with friends (specifically tapes) does not violate copyright.
Thus even rip-burn-share or borrow-rip-burn probably doesn't violate the copyright either.
Unfortunatly, we have the best government money can buy. Double-unfortunatly, greedy corps did the buying. That means we get the screwin'. Forget about the government doing anything that might deprive big business from a huge revenue stream. "They provide jobs" they say. I've got news...so do pimps - our representatives should know better than most!
Cheers!
Your car is the first step in creating DRUNK DRIVERS!
Your lighter is the first step in creating ARSONISTS!
Your Axe is the first step in creating AXE MURDERERS!
Your Penis is the first step in creating RAPISTS _AND_ PEDOPHILES!
Lather, rinse repeat.
If we eliminated all "first step" items, you should just ask Herr Ashcroft to lock up the whole world, and put us all in straight-jackets.
I prefer to take action that use these TOOLS for bad purposes. (notice I sad bad, not illegal. Sometimes these are defininitely not the same.) Taking away the tools simply because some might abuse them is just plain stupid, unless of course, you prefer a totally "unfree" society.
Cheers!
Intelligent people usually learn what they do well, and what they don't.
Dick seems to not realize the fact that abusing people isn't correct - EVER!
If he can't handle support, please do something else. If Dick is a "friend" to OSS, we don't need enemies.
Just in case yo wondered, I do have to work with clueless users. I usually bite my tongue, grind my teeth, and then SMILE and try to be helpful. Anything else really doesn't help.
Cheers!
ROFL! That seems to explain it fully.
Dick is trapped in flashbacks of MP shows.
I KNEW there was some logical explaination!
Thanks!
Cheers!
[Smacks you in the nose]
"Well, you're just DAMN UGLY"
Explaination doesn't make it any more correct. Manners are what my/your mother should have taught you. Obviously, Dick either didn't have a mother, or one that didn't do her job. (Or was that a father?)
Cheers!
THIS IS A TOTAL CROCK!
-perhaps that's too strong.
What I hear you saying is that people don't want software, they want is a lease, and that I buy service.
I _*DO*_ want to own my software. In fact, I strongly advocate that my clients OWN their software too.
If what you're saying is that clients don't want just software, they want a solution, I'd agree. If the software doesn't get the job done, I don't want it. It it does, I want to OWN it!
I have a several medical offices that I consult for. When we went looking for A/R & billing software, we found quite a few vendors that wanted to sell us a service. Thus, we don't own the software, we get charged a monthly fee, the vendor upgrades the system at their whim, and we are just along for the ride. (There was even a web based billing service...but I digress)
When I raised the fact, that I didn't want our systems upgraded at the vendor whim. (If it doesn't give us something we need, we get nothing beneficial, and risk bugs ranging from catestrophic to plain annoying. The response, "We test our software. We don't have bugs." [Sheesh]
When I raised the fact that we might reach some point that we couldn't stand each other, and wanted to go our own ways. "Were great people and a great orgainization, that'll never happen." [Double Sheesh!]
When I pointed out that the vendor could raise the price anytime they wanted, and I would be stuck. Thus I wanted the system to be OWNED by the client, and if need be, we'd just use the version we were using from now till eternity. The vendor looked at us blankly, and simply couldn't understand.
To put it simply, we didn't do business with them.
Again, if you're selling a solution, I'll buy, provided the solution actually works.
If you're selling s service, that I don't own, shove off!
Cheers!
Again, be wary of Dick (aka Richard Morrell).
From what I can gather, his attitude could use some serious positive adjustments.
He does provide a FREE fw, but it wouldn't excuse his behavior IMHO, should the IRC logs and such posted on the net turn out to be true.
Cheers!
I've never used smoothwall, and I haven't gotten any support, so I am giving "hearsay" here...
But, from what I gather, and I have done some searching, Dick (aka Richard Morrell) seems to have a few screws loose. From all accounts, he is cranky and sometimes more than downright nasty.
His product is FREE though, you should just don your asbestos suit should you go looking for support. (View a few IRC logs etc. to get a feel for how "Dick" seems to view newbies and/or non-paying customers.)
Frankly, I'd rather do some extra work myself, than deal with people who are unsociable.
All standard disclaimers, YMMV etc.
Cheers!
All I can say, is
CAN I HAVE SOME OF WHAT YOU'VE BEEN SMOKING?
You're so out of touch with reality, it scares me.
That, or your reading comprehention SUCKS!
[Flame mode off]
Cheers!
That helps, but I personally don't think it's enough. It depends on the scope of the project and many other factors, but certainly on mid-size to larger projects, I think a more structured approach would yield better results.
Cheers!
Ok, I'll bite.
How many bugs do you know about that were caused by us not using ASCII or TCP? NONE!
If the OS is designed right, the ability of other programs to interact with your program is very limited. DLL hell? In my opinion, that's an instabiltiy that comes from a poor OS design. Now, when an application falls into DLL hell, it probably wouldn't be fair to hold the application vendor responsible, but it sure as hell would be fair to at least see if MS could find adequate reasons for their approach.
A good design approach helps keep the landscape stable. Most programs are around for such short periods anyway, that the arguments you present are hardly issues at all.
If you think they are, how about using some realistic examples, rather than ASCII or TCP.
Cheers!
Did I miss something here? I didn't ever say ANYTHING about government regulation!
The only portion of my post that mentioned government was that software vendors want government to protect their copyright, but not subject themselves to a civil court for negligence in creating that same software.
They want part of government, but not the other. If you want copyright protection, then expect to also stand trial in civil court and defend yourself for shoddy software.
Seems fair to me.
Cheers!
It is possibly for a program to be buggy, but secure.
Only by luck. Bugs will eventually lead to security holes. That's like saying "You can have accidents in your car without injuring anyone..." and then using this logic to claim that accidents aren't that big of a deal for injuring people.
I'm sorry, but that's a stupid approach. I'm not a manager. I DO know how to program - in fact, my first programming language was C. I'm not too bad, though I know what I excell at and what I don't. I'm mostly a security and networking guru.
You can take pot-shots all you like. The fact is that a wild-west approach to design, programming and QA won't get the job done right. Heavy handed, totally inflexible management PHB's won't either. There's a middle approach that will work. But I dare say that most projects I've been on and worked with took the wild-west approach much more often than the heavy management approach.
So, if I were asked to put effort into fixing the problem in general, I would focus on fixing the wild-west approach before anything else.
Cheers!
How about a market based approach. Eliminate the protections software gets from civil liability.
The market would then respond to additional costs from suits that prevail and cost the vendor lots of money. Investors would be wary of investing in companies that didn't have rigorous design, testing, and production methods. Etc. etc. etc.
The jury would decide the merits of the case. Primarily, did the vendor use due dilligence in producing the software.
Now, for all the libertarians. You'll all yell that government shouldn't be involved...Well, fine, software copyright just went out the window too. Software vendors want it both ways. They want full government protection of IP and copyright. But they don't want the legal system to be involved when they make crappy software.
Take one, expect to take the other. This situation, it seems to me, to be the great fraud of the twenty-first century.
Cheers!
Read above you...
What I think you and others like you misunderstand, is that the current system of not having good code is really expensive too.
The only reason we don't realize this, is that it's not tracked and properly accounted for. If it were, and the costs associated with "bad" code were added to the acquisition costs of "bad" software, we'd all of a sudden see that "bad" code is lots more expensive.
Where's it easier to fix a problem...Design, and do it once, or after you have 5-10 or even 100 million copies running around? Sure, it takes a while, and it's not cheap to do at design time, but it makes a whole lot more sense! Not to mention that if the source is closed, only the vendor can fix it. So, either you get NO fix, or the vendor who should have fixed it in the first place, does so, and forces you to spend the resources to fix all your copies.
As I said above, civil liability would help. A jury decides if the vendor used due dilligence to produce the code. If not, the resources should be recoverable from the vendor.
Cheers!
I don't know about the certification bit...perhaps it would be a kudo, but not a requirement...hmmm...
But I do agree with the engineering approach. (By the way, I'm not an engineer, but the much maligned Business School - Information Systems graduate)
Software design, and the structure over the programming/QA/design teams seems really weak to me. To get a good program (virtually bug-free and good security...realize that these are one and the same) the structure must be quite rigid. We can't all go off coding as we wish, and just throwing the design and QA portions together on the fly.
I know I mentioned it before, but Mark Minasi's "The Software Conspiracy" is a great book that lays out these principals in overall detail. Look at the references to find more concrete/detailed examples of structured coding and design.
If we ever expect to get decent software, and secure software, we must then take a more rigorous and structured approach to software creation and design. Until this gets done, we'll all be running around in FRONT of the 8 ball trying to patch things after the fact. I can attest that this approach is a loosing one - in any disipline. Security has to be built in up front. Writing good code, and having a very structured devlopment environment need to be carefully engineered.
If we built bridges the way we build software, about 30% of all bridges would catastrophically fail. Now, you'll say, "oh software isn't as important, or at least not most software." Well, sure, that's true. But I don't think the reason we build good bridges the first time is because it could kill someone - although it's probably one of the reasons. The most likely, is that REBUILDING bridges when they fail is very expensive. When that happens, we know who to blame, and the following costs are very apparent.
What happens in software, is the costs are not tracked and traced to their source. If they were, we'd all of a sudden realize that the cost of crappy software is HUGE! I don't recall the source, but I think the estimated cost of the NIMDA virus was like 2 Billion. Lets assume that the cost was over estimated by 100%, so the real cost was only 1 billion. We're talking about some real cash here. I don't know what Windows developemt costs were, but I'd bet for an extra billion, and some real care to fix the problem, we could have had a whole lot better software.
Now finally for the market based solution. Make vendors liable for the bugs and insecurity of their software The government doesn't have to mandate a standard. A jury decides if the software vendor used due dilligence in writing good code. All I'm asking is that the atrificial protections for software be lifted. Treat it like any other good. We wouldn't expect the same functionality or lack thereof for our lawn-mowers, toasters, cars, microwaves or even our Tivo's.
When vendors find that the real costs get shifted back to them, in the form of civil negligence suits, they'll get serious about fixing the problem. Until then, they'll laugh their way to the bank, and we (the techs) get to fix the problems over and over and over again. Not only that, but WE look bad, rather than the vendor.
Ok, do your damage.
Cheers!
I don't know if you'll see this...but *THANKS*
I didn't follow this discussion originally, but I really like your description, and the clear concise way this was described.
I would assume that you are a lawyer? (I'm sorry for all those lawyer jokes... [grin])
Is this why the software makers want UCITA so bad? I would assume that the legality of EULA's are on VERY shaky grounds, having never been tested, and they know it. Knowing this, they want some REAL legal cover. Reply if you can.
Thanks again!
Cheers!
The author(s) could also assign their rights, after the fact to the FSF or anyone else.
But this brings up another point. If you assign all your rights to the FSF, you wouldn't have the right to then sell your code to some commercial entity (sans any added GPL additions) because you wouldn't have any rights other than those granted under the GPL.
Would it be possible to grant just the GPL portion of your rights to the FSF, and retain the original rights, so you could take your original code private/commercial/closed. (I don't know much about assigning rights to the FSF, so it might be that this is how it works now, but I suspect not...)
This might make it unadviseable to assign rights to the FSF if you might want to exercise your right to close or commercialize your software. Again, I do understand that you couldn't take the resulting GPL code with other's changes and close it. But you could with the original.
Just some thoughts...
Cheers!
A small complaint. I don't think that copyright violations should be called stealing or theft. It may be a violation of the license of copyright, but I disagree with calling it stealing.
Sorry if you disagree. I don't mean to mimimize the impact, but I do disagree with the term.
By the way, very good comments. I do like the "Death Penalty" analogy. I also the barter analogy. It seems as though many argue that the GPL doesn't put any restrictions on you, but it does. (Perhaps they don't like the word "restrictions" huh? [Grin]) Anyhow, thanks for the comments.
Cheers!
To expand on another comment at my level...
The FSF could provide legal counsel at minimal cost to ANYONE they desire. (Remember Paula Jones - she was represented free of charge by a highly partisan group, if I recall correctly)
You can't sue _George_ for injuring _me_. Only the injured party can *ACTUALLY* sue George. *BUT* you can help me pay for or provide legal council for me to sue George.
For the FSF to say they can't help is a crock. Perhaps they choose not to, or perhaps they don't have the funds, but they CAN help.
Cheers!
I think the point of not letting Nusphere fix the problems after the fact, come from the following delimma.
Do we let anyone release binary modifications, and only punish them after they get caught?
The GPL becomes mostly toothless, if you can abuse as much as you like, but when you get caught, you "quick, release the source..."
So, the point can be made that Nusphere, it seems needed to be "taught a lesson" and used to make an example.
I don't know that I agree with the result, I don't really know enough about the case. But I'm sure that this is something to think about.
It's more about obeying the spirit of the law, rather than the technical license of the law. The GPL can't be too loose on enforcement, otherwise everyone will learn that you can fudge, but fix it if and when you get caught and think it might cost you...
Just some thoughts.
Cheers!
Let me offer you a clue!
There are TWO ditches on the road, one on each side.
If you're in the left ditch, you're not going anywhere.
If you're in the right ditch, you're not going anyhere.
Being in the ditch sucks, and if you choose to go there voluntarily I'm quite sure your IQ isn't so good.
Being a whacko leftist is just as stupid as a whacko rightie.
Politicans want us in either ditch, so we're not a threat to them. It's the ones of us ripping down the center of road that endanger the o'possom politician lumbering across.
Do you want to be stuck stiing in the ditch for the possom to piss on, or do you want to make some road-kill and get something done?
Cheers!