So let's track down all the startups these guys finance and tell them we're going to block them (the start-ups) from OUR network servers all over the world until leonardofinance.fr ceases and at least apologizes. Then let's see if we can find out who their investors are. Are there any laws in France that would allow finding that information?
The ultimate goal is to fix the broken patent system. What that fix is will probably be well debated, too. But, it is known by most of us to be broken now.
Using B&N today to win just one battle in a long war is still a step in the right direction. And if we, through our cause, make an impression on B&N, perhaps they will think twice when they get their opportunuty to abuse the system. We don't have to be permanently loyal. I'd never suggest that.
What do you mean "Let's"? I already am boycotting Amazon. I no longer go there (I actually have purchased one book from there, but now will buy from bn.com). At least one of my to-be-released-soon freewares has a book reference in its documentation, and that's already been changed to include a bn.com hyperlink. I already sold what little stock I had in AMZN (it went into EBAY, but there's a potential problem brewing there, too, so it may not stay). I guess I need to add a boycott note to my mail/news sig file.
The Christmas season is moving full steam ahead and it looks like a big one (no surprise) for on-line retail. This is the best time to steer everyone you know over to bn.com or some other on-line bookseller. Same goes for everything else, like toys, music, etc.
We need to show Barnes & Noble that we are supporting their defense by sending our business their way. Vote with dollars/marks/francs/rubles/whatever.
As the article states, the issue is that the mainframe OS/390 API porting target gets addressed late, if even at all, by the developers. So what's wrong with the mainframe OS is probably two things. One, there isn't as big a market share as UNIX has. Two, just because it's different, the cost of porting applications becomes much higher. Linux/390 is basically the low cost route to putting a POSIX/UNIX API on the mainframe hardware, which still has advantages in performing massively parallel I/O to hundreds of devices. Have you ever worked on a computer that had over 800 disk drives attached through over 30 I/O channels?
While we may have no real interest in it for home and small/startup business purposes, IBM has a real business interest in positioning their mainframe hardware investment to large corporations and banks who are moving to the newer software systems like Notes (IBM owns Lotus) and SAP.
I see it as proof that Linux is a mature OS. So it happens to save a legacy 32-bit architecture for a few more years.
I won't go so far as to say I'll boycott amazon.com forever, but I definitely will be going to Barnes And Noble now. Amazon will then have to figure out what to do to get me back after they drop the silly suit and promise to be good from now on.
As for the thousands of hours? If you get me a list of programmers that worked on that, I'll know who not to ever hire.
The SEC is the regulatory agency in the US and has authority within the US, obviously. They do have authority (but I'm not sure what rules apply) over any stock trade conducted within the US (if you are in the US when you post it on any web site, or sell it by accepting cash in the US, or send cash from the US to buy it, or send or receive stock in the US, the SEC has authority over it) over non-US stock traded inside the US. Their rules do apply to public trading (if you advertise it, then it is public, and posting on a web site or ebay is considered advertising it). Completely private exchanges generally are not covered by SEC rules. But if you offer it in a public way, it's no longer private.
You can legally sell stock that is a registered stock (SEC has all the filings and approved, and the corporation has made available the prospectus, etc). You can sell the stock outside of the exchanges and brokers if you have the certificates. You can get them from your broker.
And if you already own at least 1 share in a corporation, that corporation can usually sell you additional shares directly without a broker being involved (though not all corporations elect to do this).
Apparently, people don't count in Finland. What do you have to do in Finland to get a domain name in.fi? Form some kind of Corporation? Are people even allowed to do that? How much freedom do people in Finland really have (I know little about it, although I know in Sweden it is a lot less than in the USA). The case is entirely in the USA, so differences in the legal/ethical cultures probably don't apply. It might be a more interesting case when there is a cross-national one.
I see the BSD vs Linux debates as not really much different than the Redhat vs Slackware vs Debian vs Caldera vs Suse..... (and on and on).
Different strokes for different folks.
We should all be working together to promote the similarities as well as the diversities. Ideally I should be able to plug in different versions or totally different code for applications, daemons, libraries, and even the kernel itself. Of course what makes one system unique can impede that to a degree.
Now if I can only find someone that will really help me try to get my 3.1 CD installed, instead of telling me that my hardware, which runs Linux and Windows just fine, is broken. Maybe I should try a net install instead.
I agree that BIND should have included it since it did become standardized. The problem is not that it was included, but rather the way that it was included. The parts need to be separated in such a way that one can choose to have it, or to not have it. Just switching a flag to not compile it in is inadequate.
My disappointment was that this was not seen until people started to realize the mistake that was made and complained. But we'll see.... when BINDsansDNSSEC comes out.
I would prefer that any and every protocol involving things like encryption, authentication, or even compression, be designed so as to allow implementations to be "full" or "partial" with respect to these options. Then when to processes are negotiating their communication, they can simply negotiate what common ground they have with respect to the avaiable options, and proceed accordingly with the best actions (which may be to disconnect if no common ground exists on a certain option and the configuration requires the option be used or to not communicate).
I quoted him. That's when I mentioned performance. What I did was add additional requirements.
Yes, some commercial compilers do perform better than GCC. So what. You weigh your own requirements against what is available. My requirements currently match best with GCC. So I'll use GCC. Sure I could get some performance gains with another compiler, but at the cost of some disadvantages (things that mismatch my requirements).
Price is one of my requirements. Portability is one of my requirements. Sure, performance is a requirement, too, but it's not the exclusive one.
So you admit that IETF made a blunder in choosing to integrate a proprietary algorithm in a protocol? I'm disappointed that such a protocol wasn't just ignored until 9/2000.
As for DENTS, I've never tried it or even looked at it. OTOH, do I really need all those extra features BIND gives me? Or are we all going to be putting up our own root servers soon because of the DNS and domain takeover wars that big corporations seem to be masterminding?
Actually I do run my own root server. Doing that lets me toss in a few hundred extra top level domains. And I don't miss slashdot.org at all because I still point to the usual servers for com/edu/mil/net/org, etc, anyway.
I agree with you that DFSG isn't the only thing there is. A free choice (including to sell your software only in binary form) has to be there for everyone, and everyone should feel free to make that choice. If ISC wants to offer software on a non-open basis, I support that right.
However, ISC makes the claim to offer software that is free and open. If they had offered BIND both with, and without, the RSA code being part of the distribution, or at least made it easy to delete it (for example, if the subdirectory with that code was missing, it would just configure and compile without it fine and just not have that functionality) then I would have still considered it open software as long as people had the right to delete the RSA part and distribute that much.
Will they fix it? I'll wait and see. The longer it takes, the more they integrated it into the whole system.
Do they have to provide some other authentication scheme for secure communications between servers that have the alternate? I don't consider that a requirement. It's fine for my purposes to be able to have the latest fixes to BIND without having DNSSEC.
As for "there is a reason why often commercial compilers perform better than GCC".... name a commercial C compiler that is available for under $1000 and runs on all the major UNIX platforms (including FreeBSD, AlphaLinux, IntelLinux, and SparcLinux). Use the Preview Button! Check those URLs! Don't forget the http://!
What do you mean by "not interoperate"? Will it just fail to be secure and instead fall back to non-secure methods of zone transfer? Or will it refuse to function at all?
Choosing a proprietary algorithm is mistake #1.
Choosing only one algorithm is mistake #2.
Choosing to make it not function without such an algorithm is mistake #3.
So clue me in.... how many mistakes were actually made (or do I have to go d/l the RFC and count them myself)?
So show me how to download it without downloading the add on and I'll believe you. Use the Preview Button! Check those URLs! Don't forget the http://!
The fact is, it is NOT an "add on" as you claim. It is a "mingled in". ISC's blunder was failing to recognize that this "infected" the purity of the open source code. Yeah, yeah, I hear they are working on it. But that just proves that the original mistake was made. It would have been easier to make two variants of the package if you had that in mind when actually doing it originally. In that they failed. It's not unlike writing an application for MS Windows and then realizing later you need to port it to UNIX, but you stupidly wrote it using proprietary Win32 calls instead open POSIX calls. Poor planning means more work in the long run.
My guess is that ISC will have the RSA-free version "done" around 9/2000, and then tell everyone "oh you don't need this now".
You mean they are NOT using message digesting and verifying the signature of the has for the zone transfers? What are they doing? Signing and verifying each and every domain one by one?
The real reason is that the movie studio people, just like the music recording people, are technological idiots. It is possible to protect their intellectual property and still have a medium that's useful for people to store their own stuff.
Their stupidity could ultimately hurt them more than plain piracy alone will. Piracy will always be around and someone will always find a way to get the intellectual property into a copyable medium. But if something other than a "copyright controllable" medium becomes popular in place of DVD, then the piracy will be larger than if they work to ensure that DVD is popular.
I do know a way to make DVD protected. It would even work for the plain old CD except for the fact that CD players without the technology would not be able to play anything at all, so this would only be good for DVD. And no, I won't say how it is done. I have to protect my own intellectual property, ya know:-)
The LZW patent covers compression and perhaps decompression of data with Welch's algorithm. If your code decompresses and recompresses the data, it is arguably covered by that patent (aside from whether the algorithm can be patented at all).
If you are doing an image counter, for example, then extract the LZW part (GIF image block) from legally created digit files (one digit per image block) and construct the whole GIF for a counter using multiple image blocks in the one GIF file, with horizontal position offsets. There, you didn't do any decompression or compression.
If you can get image in a raw format, then generate LZW-free GIF, or just start using JPEG or PNG. If you need animation with that GIF, I wrote angif which you might want to use.
Whatever you do, just avoid doing any LZW compression or decompression.
They are indeed apparently claiming to own the entire GIF format. Perhaps this is because they don't know that GIF works without LZW, too. This is one reason I'm promoting an interim use of LZW-free GIF, as well as "repackaged GIF" (where a program with no LZW implementation code extracts the LZW from the image blocks and inserts it into new image blocks in another GIF file... would work for things like image counter CGIs). They seem to think they have some means to determine if a GIF they find on the web is or is not generated by a licensed program. I've actually studied the LZW algorithm well enough to write my own compressor from scratch that really worked and I see no way to easily hide anything in there that would show licensing, nor have I heard that Unisys required licensed implementations to put any license flags in the LZW data. If it turns out they are just using the GIF comment block to make the determination, then I'll just make a program that lets you edit those blocks without any compress or decompress.
If PHP uses libungif or the newest version of GD then you're in the clear as your GIFs are LZW-free. If you're on an old version of GD then get the new one and recompile PHP with that (but offhand I have no idea what it really uses).
PNG seems to work in Netscape 4.6 OK, but apparently without alpha. It did NOT work in 4.0 despite claims that it did, at least in the Linux version (the recognition was in the MIME table, but when set to use internal, I always got the broken image icon). PNG does not work at all in Netscape 3.0 which was the last version of Netscape to correctly support the -geometry option of X (which I need to correctly place windows during startup).
I've converted most of my sites to JPEG or LZW-free GIF. I'll reconvert some or all to PNG over time. PNG is my target format, but it's still rough getting there (mostly due to Netscape 4.X being a bug hive).
Some corporate deep pockets did
Doesn't it seem like patents are being treated much like domain names have been by speculators? Patent it first and sue later.
So let's track down all the startups these guys finance and tell them we're going to block them (the start-ups) from OUR network servers all over the world until leonardofinance.fr ceases and at least apologizes. Then let's see if we can find out who their investors are. Are there any laws in France that would allow finding that information?
access-list 101 deny ip 195.114.78.12 0.0.0.0 any
The ultimate goal is to fix the broken patent system. What that fix is will probably be well debated, too. But, it is known by most of us to be broken now.
Using B&N today to win just one battle in a long war is still a step in the right direction. And if we, through our cause, make an impression on B&N, perhaps they will think twice when they get their opportunuty to abuse the system. We don't have to be permanently loyal. I'd never suggest that.
Giving up is the wrong thing to do.
What do you mean "Let's"? I already am boycotting Amazon. I no longer go there (I actually have purchased one book from there, but now will buy from bn.com). At least one of my to-be-released-soon freewares has a book reference in its documentation, and that's already been changed to include a bn.com hyperlink. I already sold what little stock I had in AMZN (it went into EBAY, but there's a potential problem brewing there, too, so it may not stay). I guess I need to add a boycott note to my mail/news sig file.
The Christmas season is moving full steam ahead and it looks like a big one (no surprise) for on-line retail. This is the best time to steer everyone you know over to bn.com or some other on-line bookseller. Same goes for everything else, like toys, music, etc.
We need to show Barnes & Noble that we are supporting their defense by sending our business their way. Vote with dollars/marks/francs/rubles/whatever.
As the article states, the issue is that the mainframe OS/390 API porting target gets addressed late, if even at all, by the developers. So what's wrong with the mainframe OS is probably two things. One, there isn't as big a market share as UNIX has. Two, just because it's different, the cost of porting applications becomes much higher. Linux/390 is basically the low cost route to putting a POSIX/UNIX API on the mainframe hardware, which still has advantages in performing massively parallel I/O to hundreds of devices. Have you ever worked on a computer that had over 800 disk drives attached through over 30 I/O channels?
While we may have no real interest in it for home and small/startup business purposes, IBM has a real business interest in positioning their mainframe hardware investment to large corporations and banks who are moving to the newer software systems like Notes (IBM owns Lotus) and SAP.
I see it as proof that Linux is a mature OS. So it happens to save a legacy 32-bit architecture for a few more years.
I won't go so far as to say I'll boycott amazon.com forever, but I definitely will be going to Barnes And Noble now. Amazon will then have to figure out what to do to get me back after they drop the silly suit and promise to be good from now on.
As for the thousands of hours? If you get me a list of programmers that worked on that, I'll know who not to ever hire.
The SEC is the regulatory agency in the US and has authority within the US, obviously. They do have authority (but I'm not sure what rules apply) over any stock trade conducted within the US (if you are in the US when you post it on any web site, or sell it by accepting cash in the US, or send cash from the US to buy it, or send or receive stock in the US, the SEC has authority over it) over non-US stock traded inside the US. Their rules do apply to public trading (if you advertise it, then it is public, and posting on a web site or ebay is considered advertising it). Completely private exchanges generally are not covered by SEC rules. But if you offer it in a public way, it's no longer private.
You can legally sell stock that is a registered stock (SEC has all the filings and approved, and the corporation has made available the prospectus, etc). You can sell the stock outside of the exchanges and brokers if you have the certificates. You can get them from your broker.
And if you already own at least 1 share in a corporation, that corporation can usually sell you additional shares directly without a broker being involved (though not all corporations elect to do this).
Apparently, people don't count in Finland. What do you have to do in Finland to get a domain name in .fi? Form some kind of Corporation? Are people even allowed to do that? How much freedom do people in Finland really have (I know little about it, although I know in Sweden it is a lot less than in the USA). The case is entirely in the USA, so differences in the legal/ethical cultures probably don't apply. It might be a more interesting case when there is a cross-national one.
I see the BSD vs Linux debates as not really much different than the Redhat vs Slackware vs Debian vs Caldera vs Suse ..... (and on and on).
Different strokes for different folks.
We should all be working together to promote the similarities as well as the diversities. Ideally I should be able to plug in different versions or totally different code for applications, daemons, libraries, and even the kernel itself. Of course what makes one system unique can impede that to a degree.
Now if I can only find someone that will really help me try to get my 3.1 CD installed, instead of telling me that my hardware, which runs Linux and Windows just fine, is broken. Maybe I should try a net install instead.
I agree that BIND should have included it since it did become standardized. The problem is not that it was included, but rather the way that it was included. The parts need to be separated in such a way that one can choose to have it, or to not have it. Just switching a flag to not compile it in is inadequate.
.... when BINDsansDNSSEC comes out.
My disappointment was that this was not seen until people started to realize the mistake that was made and complained. But we'll see
I would prefer that any and every protocol involving things like encryption, authentication, or even compression, be designed so as to allow implementations to be "full" or "partial" with respect to these options. Then when to processes are negotiating their communication, they can simply negotiate what common ground they have with respect to the avaiable options, and proceed accordingly with the best actions (which may be to disconnect if no common ground exists on a certain option and the configuration requires the option be used or to not communicate).
I quoted him. That's when I mentioned performance. What I did was add additional requirements.
Yes, some commercial compilers do perform better than GCC. So what. You weigh your own requirements against what is available. My requirements currently match best with GCC. So I'll use GCC. Sure I could get some performance gains with another compiler, but at the cost of some disadvantages (things that mismatch my requirements).
Price is one of my requirements. Portability is one of my requirements. Sure, performance is a requirement, too, but it's not the exclusive one.
So you admit that IETF made a blunder in choosing to integrate a proprietary algorithm in a protocol? I'm disappointed that such a protocol wasn't just ignored until 9/2000.
As for DENTS, I've never tried it or even looked at it. OTOH, do I really need all those extra features BIND gives me? Or are we all going to be putting up our own root servers soon because of the DNS and domain takeover wars that big corporations seem to be masterminding?
Actually I do run my own root server. Doing that lets me toss in a few hundred extra top level domains. And I don't miss slashdot.org at all because I still point to the usual servers for com/edu/mil/net/org, etc, anyway.
I agree with you that DFSG isn't the only thing there is. A free choice (including to sell your software only in binary form) has to be there for everyone, and everyone should feel free to make that choice. If ISC wants to offer software on a non-open basis, I support that right.
However, ISC makes the claim to offer software that is free and open. If they had offered BIND both with, and without, the RSA code being part of the distribution, or at least made it easy to delete it (for example, if the subdirectory with that code was missing, it would just configure and compile without it fine and just not have that functionality) then I would have still considered it open software as long as people had the right to delete the RSA part and distribute that much.
Will they fix it? I'll wait and see. The longer it takes, the more they integrated it into the whole system.
Do they have to provide some other authentication scheme for secure communications between servers that have the alternate? I don't consider that a requirement. It's fine for my purposes to be able to have the latest fixes to BIND without having DNSSEC.
As for "there is a reason why often commercial compilers perform better than GCC".... name a commercial C compiler that is available for under $1000 and runs on all the major UNIX platforms (including FreeBSD, AlphaLinux, IntelLinux, and SparcLinux). Use the Preview Button! Check those URLs! Don't forget the http://!
I would consider that to be a good thing.
What do you mean by "not interoperate"? Will it just fail to be secure and instead fall back to non-secure methods of zone transfer? Or will it refuse to function at all?
Choosing a proprietary algorithm is mistake #1.
Choosing only one algorithm is mistake #2.
Choosing to make it not function without such an algorithm is mistake #3.
So clue me in.... how many mistakes were actually made (or do I have to go d/l the RFC and count them myself)?
So show me how to download it without downloading the add on and I'll believe you. Use the Preview Button! Check those URLs! Don't forget the http://!
The fact is, it is NOT an "add on" as you claim. It is a "mingled in". ISC's blunder was failing to recognize that this "infected" the purity of the open source code. Yeah, yeah, I hear they are working on it. But that just proves that the original mistake was made. It would have been easier to make two variants of the package if you had that in mind when actually doing it originally. In that they failed. It's not unlike writing an application for MS Windows and then realizing later you need to port it to UNIX, but you stupidly wrote it using proprietary Win32 calls instead open POSIX calls. Poor planning means more work in the long run.
My guess is that ISC will have the RSA-free version "done" around 9/2000, and then tell everyone "oh you don't need this now".
OK, so what alternatives to BIND are there?
And what might that reason be?
And in the mean time?
You mean they are NOT using message digesting and verifying the signature of the has for the zone transfers? What are they doing? Signing and verifying each and every domain one by one?
The real reason is that the movie studio people, just like the music recording people, are technological idiots. It is possible to protect their intellectual property and still have a medium that's useful for people to store their own stuff.
:-)
Their stupidity could ultimately hurt them more than plain piracy alone will. Piracy will always be around and someone will always find a way to get the intellectual property into a copyable medium. But if something other than a "copyright controllable" medium becomes popular in place of DVD, then the piracy will be larger than if they work to ensure that DVD is popular.
I do know a way to make DVD protected. It would even work for the plain old CD except for the fact that CD players without the technology would not be able to play anything at all, so this would only be good for DVD. And no, I won't say how it is done. I have to protect my own intellectual property, ya know
The LZW patent covers compression and perhaps decompression of data with Welch's algorithm. If your code decompresses and recompresses the data, it is arguably covered by that patent (aside from whether the algorithm can be patented at all).
If you are doing an image counter, for example, then extract the LZW part (GIF image block) from legally created digit files (one digit per image block) and construct the whole GIF for a counter using multiple image blocks in the one GIF file, with horizontal position offsets. There, you didn't do any decompression or compression.
If you can get image in a raw format, then generate LZW-free GIF, or just start using JPEG or PNG. If you need animation with that GIF, I wrote angif which you might want to use.
Whatever you do, just avoid doing any LZW compression or decompression.
They are indeed apparently claiming to own the entire GIF format. Perhaps this is because they don't know that GIF works without LZW, too. This is one reason I'm promoting an interim use of LZW-free GIF, as well as "repackaged GIF" (where a program with no LZW implementation code extracts the LZW from the image blocks and inserts it into new image blocks in another GIF file ... would work for things like image counter CGIs). They seem to think they have some means to determine if a GIF they find on the web is or is not generated by a licensed program. I've actually studied the LZW algorithm well enough to write my own compressor from scratch that really worked and I see no way to easily hide anything in there that would show licensing, nor have I heard that Unisys required licensed implementations to put any license flags in the LZW data. If it turns out they are just using the GIF comment block to make the determination, then I'll just make a program that lets you edit those blocks without any compress or decompress.
If PHP uses libungif or the newest version of GD then you're in the clear as your GIFs are LZW-free. If you're on an old version of GD then get the new one and recompile PHP with that (but offhand I have no idea what it really uses).
I've converted most of my sites to JPEG or LZW-free GIF. I'll reconvert some or all to PNG over time. PNG is my target format, but it's still rough getting there (mostly due to Netscape 4.X being a bug hive).
I don't know if it's legal, but you can do:
easy enough.