> however, they are still restricted from selling > their modified code.
Who said they had to sell it?
Come join my "Software Sharing Club" for $100/year! Just don't give the software to a non-club member or you will be kicked out and sued into oblivion...
> Companies can keep their internal modifications > secret as long as they don't distribute the > code OUTSIDE their non-disclosure boundary - > and once they distribute the object outside > that boundary, they must also distribute the > source.
> Giving the code to people INSIDE the > non-disclosure boundary is not "distribution" > within the meaning of the GPL, so it does not > confer on such people the right to disclose the > modified code without the approval of the > company's official decision-making process.
I think this is how it would be interpreted by the legal system, yes, but this leads to Mr. Rideau's problem, which is very interesting.
What happens when a company widens the boundry of non-disclosure? For example, I found a company and make some amazing modifications to the Linux source, that makes it *the* product to have. But, I want to make money off of this exclusively... So, I widen the NDA boundry. Come join my "software club" for $100 / year. You'll get all the software we make for free! However, you must sign this NDA saying you can't do this or that.
I am now widening my organzation. So the software is still being used "internally" so I do not need to disclose my modifications, or allow GPL redistribution.
Now, IANAL, so I have no idea if this would hold up in court... But I think Mr. Rideau makes an interesting point...
> I still think the best solution is an adult > TLD, maybe.adt. Block it with a browser > setting, and any XXX material found outside > a.adt site is prosecutable after a 24-hour > warning.
At one point I thought this was the best solution too, but how to you deal with redirector URLs, and things like that? Do you say that if the IP address of a server contains porn, then it can only have a.adt domain? Then there is a problem with servers with multiple IPs, and webhosting companies that host many domains on a server.
If a website is a redirector, then can the contents of the site it redirects to truly be said to be on that site?
Your facts are right, but the conclusion is flawed.. US Military is now trained using stimulu s-responce techniques, but there is a big difference between these:
Stimulus: See human sillouette on other side of hill. Responce: Take quick aim with my M-16, fire.
Stimulus: See obvious fantasy character on my computer monitor. Responce: Use my trackball to move a crosshair on top of it, press my keyboard to circle-straife, press my trackball button to fire.
Just because I can reflexively do one, doesn't mean I will ever be able to refelxively do the other. The hand-eye coordination and behaviour in entierly different.
Exactly. The scientific method teaches you that. One of the famous fallacies along these lines is the "Low self-esteem causes you to fail in school" that has dominated our education system for many years now.
Yes, there is a correlation between low self esteem and poor school performance, however, as education experts have started to realize, they had the causality mixed up. Newer, better done studies are proving that poor perfomance in school actually causes low self-esteem. (which makes sense really)
This totally goes against the education theory of the last 20 years. This deliberate building of self-esteem actually is useless, because it doesn't attack the root cause, poor school performance. Help these kids learn, and the self-esteem will follow naturally.
I can easily make a similar argument about violent video games:
"Being a violent individual causes you to play violent video games."
Makes perfect sense. Obviously, those who are violent would prefer violent entertainment. The fact is, I can't prove this, but those who say violent games cause individuals to become violent can't prove it either. I can just as easily argue the reverse.
So, to sum up, it is precisely as the original poster said: Correlation != Causality... There are some people in this world that need to recite that to themselves 50 times before they go to sleep at night..:-)
But it won't be since it disagrees with the prevailing attitude to this interview.
I have to respond to this as well... The whole responce to this interview has caused me to become very disappointed in the slashdot readers. We are supposed to advocate open source, but apparently not free speech now?
I've followed the whole AntiOnline/Happy Hacker/Packetstorm/Attrition thing for quite awhile now, and I disagree with JP on pretty much everything. But, that doesn't mean that people don't have a right to their side or the story.
Applause is due to Rob and company for taking on such a controversial interview. Heck, I'm impressed that JP was willing to do it. He has to know that it is gonna be rather hostile, as/. has been very critical of him in the past.
Hell, here's your chance to either 1) ask some technical computer security questions to see if he gets stuck, or 2) Try and get him to justify his actions that you disgree with. Take advantage of it.
Anyway, here's my questions: 1) Why do you belive you are qualified to be a computer security "expert"? What justification is there for you being concidered a credible source?
2) In dealing with the Packetstorm incident, why did you not attempt to contact Ken Williams first? Instead of going directly to his upstream, better Internet ettiquite would have been to attempt to resolve your problems with the site maintainer. If someone had a problem with your site, wouldn't you prefer that they went to you, instead of going over your head and talking directly to StarGate?
That article is kinda inaccurate there. What happned was AntiOnline was linking to another site, which then deliberately set up a redirector so that any hits that came from AntiOnline, went to another page, which made it look as if it was cracked. Since no AntiOnline system was actually compromised, you can't really call it cracked. I suppose you could say AntiOnline was *hacked*, in the "clever prank" definition though.
I have my problems with things JP has said/done, the Packetstorm thing in particular, but the security on the site is set up pretty damn well. Now whether it is secure because of any "expertise" on behalf of JP, or from highly paid professionals with his VC money, is another story altogether.
Oh, you can read about AntiOnline's security setup here.
The ISP where I used to work was actually a company that owned several ISPs. Three different domains with three different naming conventions.
One was the cities that the POP was in: laf for Lafayette; ind for Indianapolis, etc...
One was Star Trek characters: The DNS servers were kirk and spock for example.
And the other was kinda a mixture. The shell servers were named after planets, the web servers used a numeric system (vs-1, vs-2, etc...) but the primary authentication server was called cthulu, the DNS servers, kitten and cerebus. Weird.
The place I work for now uses a numeric system (company_name1.company_name.net, company_name2.company_name.net) which I find kinda annoying. You just have to remeber that mail is on 3, www is really 6, and so on.
But the best naming story is from where I used to work. We had a NT server that was the fileserver/proxy for our private IP PC LAN, called ntserver. Well, when they replaced it with a FreeBSD box, the name wasn't very appropriate. Since everyone was happy to see the buggy NT box go, its replacement got names ntsucks. However, that was changed when we realized that our customers that were telneted into our customer shell servers could see that we were logged on to those machines from ntsucks.isp.net when we were on doing maintenance. So someone decided we needed to change it to something that wouldn't offend NT using customers... Kid you not.. (It became tek, for "Technical Support")
You know, I actually tried putting the email address of the nytimes.com domain's administrative contact and it told me the email was invalid... So I'm betting that has been tried before....:-)
Hmm... I think I will create an account on one of my UNIX boxen, create an NYT account with that, ask to receive all the spam, and set up a forward to send all the spam to a whole bunch of nytimes.com addresses...
As much as it may hurt for some users, An @Home/AOL deal would be great for the 2 companies.
@Home gets accsess to AOL's 17 million loyal customers. Some of which are so loyal they won't switch, even for broadband. It would give them AOL's name recognition, and clout.
AOL would get accsess to the obvious. Broadband. Which will eventually kill any and all ISPs that don't hop on the bandwagon. It make take awhile, but eventually dialup will die, and those who don't offer something better, will die with it.
I've always wondered why these companies didn't sit down to talk earlier.
"95 out of 100 Microsoft customers will choose Windows"
Err... Duh. I bet most Red Hat customers would choose Red Hat too. What bold statements you make.
If you want Windows enough to buy it, then that's what you want. You could care less if another OS is in the box for free. If you want Linux, you can get it for free anyway.
And how many Windows users even *buy* windows? They either have it installed when they buy a computer, or they buy an "upgrade" CD. And just because you can install the Win98 upgrade over Win95, don't mean you can install either from scratch.
Wow. I find this all rather fasinating. I work for a CLEC that also happens to be in the ISP business, as a tech support supervisor. While we don't "officially" support Linux, we have a number of techs that use it and help out when we get calls from people that use it. In fact, we have a plan in place to offer true Linux support within the year. I'm even working on the training materials for it. A number of our employees, in both tech support and NOC, read slashdot. We have no policy for watching people that use "alternative" OS's or their shell accounts. In fact, in some of the areas we service, the shell accounts are rather popular.
I can understand an ISP not wanting to train people to support UNIX, but this "blacklisting" of people that use it is insane.
They may have said that you can't run other OS's, but they can't stop you. I have a few friends that have GTE ADSL and they run FreeBSD and Linux servers off of their ADSL lines. When the GTE guy shows up for the install he didn't even touch the computers. Just set up the ADSL "modem" which essentially acts like a CSU/DSU does for a T1, made sure there was a connection from the ADSL modem out, and left it to them to wire up the Ethernet.
Comcast@Home tries to tell you that to have more than one computer connected to the net you have to purchace additional IP's at $6.95 / month. Uh, whatever... You can just set up NAT. Those product specs are aimed at the average Windoze luser. As long as whatever type of broadband accsess you get consists of a line in that hits some kinda "box" and sends ethernet out, you can run whatever you want behind it. There is no way for them to stop you, or even know what you are doing.
Try installing windows on a system with no FAT partitions on it.... Guess what, you have to use fdisk too. The reason why Linux installs need to partition the hdd is cause not to many computers ship with ext2fs partitions.... And yes, to upgrade from Win 95 to Win 98 all you have to do is "setup.exe" and follow directions. Well, when I recently upgraded from Red Hat 5.0 to 5.2 all I did was insert a boot disk, reboot, select "upgrade" from a menu, and follow some directions. Real difficult And at least my Linux upgrade didn't require me to reboot the machine *5* times to recognize my hardware like the last time I installed win98!
Ooh.... Hadn't though of that one.... A friend of mine wanted to give NT a try, so I gave him one of the copies I had lying around. (sad, isn't it. I think I have 2 or 3 of them still, and I never use them.) I gave him a win NT 4 cd and the boot floppies... It took over a week before he could even get his cd-rom recognized! And people say linux is hard.....
All the Slate article proves is that it is difficult to install a new OS on a computer with an existing OS for a beginner.... I'd like to see them try this experiment: Get a computer pre-configured with Linux. (from VA Research or a similar place)Then install Windows on it.... Ok, step one, repartion the hard drive. Oh, wait, there is *no* documentation for fdisk in the win 98 manual, is there! And if you know how to use it, you are still stuck cause MS-fdisk won't even see your Linux partition to delete them.... Looks like you have to boot Linux again to run it's fdisk to set up your windows partitions! I bet we would find that it is a ton easier to add linux to a windows system than it is to add windows to a linux system. And I haven't even gotten to the whole win-overwrote-my-MBR-and-now-I-can't-boot-linux issue.... This article was pure FUD, plain and simple. The depressing thing is, people will believe it.
Slashdot Mirror
> however, they are still restricted from selling
> their modified code.
Who said they had to sell it?
Come join my "Software Sharing Club" for $100/year! Just don't give the software to a non-club member or you will be kicked out and sued into oblivion...
This is *very* dangerous, IMO.
-Wintermute
> Companies can keep their internal modifications
> secret as long as they don't distribute the
> code OUTSIDE their non-disclosure boundary -
> and once they distribute the object outside
> that boundary, they must also distribute the
> source.
> Giving the code to people INSIDE the
> non-disclosure boundary is not "distribution"
> within the meaning of the GPL, so it does not
> confer on such people the right to disclose the
> modified code without the approval of the
> company's official decision-making process.
I think this is how it would be interpreted by the legal system, yes, but this leads to Mr. Rideau's problem, which is very interesting.
What happens when a company widens the boundry of non-disclosure? For example, I found a company and make some amazing modifications to the Linux source, that makes it *the* product to have. But, I want to make money off of this exclusively...
So, I widen the NDA boundry. Come join my "software club" for $100 / year. You'll get all the software we make for free! However, you must sign this NDA saying you can't do this or that.
I am now widening my organzation. So the software is still being used "internally" so I do not need to disclose my modifications, or allow GPL redistribution.
Now, IANAL, so I have no idea if this would hold up in court... But I think Mr. Rideau makes an interesting point...
-Wintermute
Guess I should have read a little furthur down first... :-)
-Wintermute
PI has a deal with Matox to get out some XFree86 G400 drivers. They are supposedly gonna be open source and support DualHead.
See www.tech-report.com for the details.
-Wintermute
> I still think the best solution is an adult .adt. Block it with a browser .adt site is prosecutable after a 24-hour
.adt domain? Then there is a problem with servers with multiple IPs, and webhosting companies that host many domains on a server.
> TLD, maybe
> setting, and any XXX material found outside
> a
> warning.
At one point I thought this was the best solution too, but how to you deal with redirector URLs, and things like that? Do you say that if the IP address of a server contains porn, then it can only have a
If a website is a redirector, then can the contents of the site it redirects to truly be said to be on that site?
The law would have to be worded *very* carefully.
-Wintermute, I hope that made sense...
Right... But Wrong...
Your facts are right, but the conclusion is flawed.. US Military is now trained using stimulu
s-responce techniques, but there is a big difference between these:
Stimulus: See human sillouette on other side of hill.
Responce: Take quick aim with my M-16, fire.
Stimulus: See obvious fantasy character on my computer monitor.
Responce: Use my trackball to move a crosshair on top of it, press my keyboard to circle-straife, press my trackball button to fire.
Just because I can reflexively do one, doesn't mean I will ever be able to refelxively do the other. The hand-eye coordination and behaviour in entierly different.
-Wintermute
> Correlation != causation
:-)
Exactly. The scientific method teaches you that. One of the famous fallacies along these lines is the "Low self-esteem causes you to fail in school" that has dominated our education system for many years now.
Yes, there is a correlation between low self esteem and poor school performance, however, as education experts have started to realize, they had the causality mixed up. Newer, better done studies are proving that poor perfomance in school actually causes low self-esteem. (which makes sense really)
This totally goes against the education theory of the last 20 years. This deliberate building of self-esteem actually is useless, because it doesn't attack the root cause, poor school performance. Help these kids learn, and the self-esteem will follow naturally.
I can easily make a similar argument about violent video games:
"Being a violent individual causes you to play violent video games."
Makes perfect sense. Obviously, those who are violent would prefer violent entertainment. The fact is, I can't prove this, but those who say violent games cause individuals to become violent can't prove it either. I can just as easily argue the reverse.
So, to sum up, it is precisely as the original poster said: Correlation != Causality... There are some people in this world that need to recite that to themselves 50 times before they go to sleep at night..
-Wintermute
But it won't be since it disagrees with the prevailing attitude to this interview.
/. has been very critical of him in the past.
I have to respond to this as well... The whole responce to this interview has caused me to become very disappointed in the slashdot readers. We are supposed to advocate open source, but apparently not free speech now?
I've followed the whole AntiOnline/Happy Hacker/Packetstorm/Attrition thing for quite awhile now, and I disagree with JP on pretty much everything. But, that doesn't mean that people don't have a right to their side or the story.
Applause is due to Rob and company for taking on such a controversial interview. Heck, I'm impressed that JP was willing to do it. He has to know that it is gonna be rather hostile, as
Hell, here's your chance to either 1) ask some technical computer security questions to see if he gets stuck, or 2) Try and get him to justify his actions that you disgree with. Take advantage of it.
Anyway, here's my questions:
1) Why do you belive you are qualified to be a computer security "expert"? What justification is there for you being concidered a credible source?
2) In dealing with the Packetstorm incident, why did you not attempt to contact Ken Williams first? Instead of going directly to his upstream, better Internet ettiquite would have been to attempt to resolve your problems with the site maintainer. If someone had a problem with your site, wouldn't you prefer that they went to you, instead of going over your head and talking directly to StarGate?
-Wintermute
That article is kinda inaccurate there. What happned was AntiOnline was linking to another site, which then deliberately set up a redirector so that any hits that came from AntiOnline, went to another page, which made it look as if it was cracked. Since no AntiOnline system was actually compromised, you can't really call it cracked. I suppose you could say AntiOnline was *hacked*, in the "clever prank" definition though.
I have my problems with things JP has said/done, the Packetstorm thing in particular, but the security on the site is set up pretty damn well. Now whether it is secure because of any "expertise" on behalf of JP, or from highly paid professionals with his VC money, is another story altogether.
Oh, you can read about AntiOnline's security setup here.
-Wintermute
PDF (337k)
Gzipped ASCII (118k)
The ISP where I used to work was actually a company that owned several ISPs. Three different domains with three different naming conventions.
One was the cities that the POP was in: laf for Lafayette; ind for Indianapolis, etc...
One was Star Trek characters: The DNS servers were kirk and spock for example.
And the other was kinda a mixture. The shell servers were named after planets, the web servers used a numeric system (vs-1, vs-2, etc...) but the primary authentication server was called cthulu, the DNS servers, kitten and cerebus. Weird.
The place I work for now uses a numeric system (company_name1.company_name.net, company_name2.company_name.net) which I find kinda annoying. You just have to remeber that mail is on 3, www is really 6, and so on.
But the best naming story is from where I used to work. We had a NT server that was the fileserver/proxy for our private IP PC LAN, called ntserver. Well, when they replaced it with a FreeBSD box, the name wasn't very appropriate. Since everyone was happy to see the buggy NT box go, its replacement got names ntsucks. However, that was changed when we realized that our customers that were telneted into our customer shell servers could see that we were logged on to those machines from ntsucks.isp.net when we were on doing maintenance. So someone decided we needed to change it to something that wouldn't offend NT using customers... Kid you not.. (It became tek, for "Technical Support")
-Wintermute
You know, I actually tried putting the email address of the nytimes.com domain's administrative contact and it told me the email was invalid... So I'm betting that has been tried before.... :-)
Hmm... I think I will create an account on one of my UNIX boxen, create an NYT account with that, ask to receive all the spam, and set up a forward to send all the spam to a whole bunch of nytimes.com addresses...
As much as it may hurt for some users, An @Home/AOL deal would be great for the 2 companies.
@Home gets accsess to AOL's 17 million loyal customers. Some of which are so loyal they won't switch, even for broadband. It would give them AOL's name recognition, and clout.
AOL would get accsess to the obvious. Broadband. Which will eventually kill any and all ISPs that don't hop on the bandwagon. It make take awhile, but eventually dialup will die, and those who don't offer something better, will die with it.
I've always wondered why these companies didn't sit down to talk earlier.
-Wintermute
"95 out of 100 Microsoft customers will choose Windows"
Err... Duh. I bet most Red Hat customers would choose Red Hat too. What bold statements you make.
If you want Windows enough to buy it, then that's what you want. You could care less if another OS is in the box for free. If you want Linux, you can get it for free anyway.
And how many Windows users even *buy* windows? They either have it installed when they buy a computer, or they buy an "upgrade" CD. And just because you can install the Win98 upgrade over Win95, don't mean you can install either from scratch.
Wow. I find this all rather fasinating. I work for a CLEC that also happens to be in the ISP business, as a tech support supervisor. While we don't "officially" support Linux, we have a number of techs that use it and help out when we get calls from people that use it. In fact, we have a plan in place to offer true Linux support within the year. I'm even working on the training materials for it. A number of our employees, in both tech support and NOC, read slashdot. We have no policy for watching people that use "alternative" OS's or their shell accounts. In fact, in some of the areas we service, the shell accounts are rather popular.
I can understand an ISP not wanting to train people to support UNIX, but this "blacklisting" of people that use it is insane.
They may have said that you can't run other OS's, but they can't stop you. I have a few friends that have GTE ADSL and they run FreeBSD and Linux servers off of their ADSL lines. When the GTE guy shows up for the install he didn't even touch the computers. Just set up the ADSL "modem" which essentially acts like a CSU/DSU does for a T1, made sure there was a connection from the ADSL modem out, and left it to them to wire up the Ethernet.
Comcast@Home tries to tell you that to have more than one computer connected to the net you have to purchace additional IP's at $6.95 / month. Uh, whatever... You can just set up NAT. Those product specs are aimed at the average Windoze luser. As long as whatever type of broadband accsess you get consists of a line in that hits some kinda "box" and sends ethernet out, you can run whatever you want behind it. There is no way for them to stop you, or even know what you are doing.
And MS never bought a GUI from Xerox, tried to copy a GUI from Apple, or based the NT kernel off of VMS...... right.
Try installing windows on a system with no FAT partitions on it.... Guess what, you have to use fdisk too. The reason why Linux installs need to partition the hdd is cause not to many computers ship with ext2fs partitions.... And yes, to upgrade from Win 95 to Win 98 all you have to do is "setup.exe" and follow directions. Well, when I recently upgraded from Red Hat 5.0 to 5.2 all I did was insert a boot disk, reboot, select "upgrade" from a menu, and follow some directions. Real difficult And at least my Linux upgrade didn't require me to reboot the machine *5* times to recognize my hardware like the last time I installed win98!
Ooh.... Hadn't though of that one.... A friend of mine wanted to give NT a try, so I gave him one of the copies I had lying around. (sad, isn't it. I think I have 2 or 3 of them still, and I never use them.) I gave him a win NT 4 cd and the boot floppies... It took over a week before he could even get his cd-rom recognized! And people say linux is hard.....
All the Slate article proves is that it is difficult to install a new OS on a computer with an existing OS for a beginner.... I'd like to see them try this experiment:
Get a computer pre-configured with Linux. (from VA Research or a similar place)Then install Windows on it.... Ok, step one, repartion the hard drive. Oh, wait, there is *no* documentation for fdisk in the win 98 manual, is there! And if you know how to use it, you are still stuck cause MS-fdisk won't even see your Linux partition to delete them.... Looks like you have to boot Linux again to run it's fdisk to set up your windows partitions! I bet we would find that it is a ton easier to add linux to a windows system than it is to add windows to a linux system. And I haven't even gotten to the whole win-overwrote-my-MBR-and-now-I-can't-boot-linux issue.... This article was pure FUD, plain and simple. The depressing thing is, people will believe it.