Here is an example: although the GIMP web site is hosted in the US, several of the most active developers are living and working in Europe. So after some discussion with the other developers, I decided to close the home page of www.gimp.org. Even if you live and work in the U.S., you could be affected because some software developed by many contributors from all around the world could cease to exist because of software patents affecting these developers.
Allowing patents on software and business methods in the U.S. was a bad idea. Several studies have shown that software patents in the U.S. have had a negative impact on the industry. But so far, the damage has been limited because these patents are not accepted worldwide. So in many cases, a company that was more interested in litigation than real innovation was not able to sue the developers who (unknowingly) infringed on its patents because some or all of them were not in the U.S. But this could be different if these patents were valid worldwide (WIPO). The patent holders would have a bigger chance to hit the small companies and small developers, especially those working on Open Source or Free Software (because they cannot buy a license or pay royalties for all potential users).
This protest against the changes in the European law would also be a good way to promote a necessary reform of the U.S. patent system. A growing number of economists in the U.S. are raising their voice against the patentability of software. A clear sign coming from Europe could also help the U.S. industry in the long run.
Some people hide in their shell when their neighbors are threatened. Some people try to help them because they know that they could be affected directly or indirectly. The choice is yours.
Slashdot isn't based in Europe, so I doubt they would join the demo.
Well, the GIMP website is not hosted in Europe either, but a large number of GIMP developers are living and working in Europe. So I have replaced the home page by an appropriate message, as you can see by visiting it now.
I doubt that this will be that great a deal - instead, look for the W3C to become less and less relevant going forward.
Unfortunately, this is already happening. Look at the Web Services area. OASIS has taken the lead for the standardization of most Web Services technologies working on top of SOAP (UDDI, ebXML, SAML, XACML, etc.) Is it a coincidence that OASIS has a RAND policy instead of a royalty-free policy?
Is is a coincidence that some large companies pulled out of W3C and moved to OASIS? Of course, there are other reasons than the patent policy. The high membership fees of the W3C may be working against it. Also, some political wars between IBM, Microsoft and Sun can explain why some discussions started in some W3C working groups were killed and moved to OASIS. But still, I am hoping that W3C can regain some of the influence that it has lost in the recent months. Otherwise, the royalty-free policy may be largely irrelevant.
The headline and the text of the Slashdot submission are wrong. Sony paid $16M to Forgent Network some time
ago as part of an out-of-court settlement. But this article is about a different company: St. Clair Intellectual Property Consultants Inc. of Grosse Pointe, Mich. That company is the one that has won
$25M in court.
Please read the text of the article and the press release appended to it, and you will see a different story than the one given in the Slashdot submission. The press release contains a quote saying: "this lawsuit is similar to out-of-court settlements reached by Forgent Networks and Dallas based law firm [...]" but the two cases are different. They are both bad, but the companies are different.
According to Microsoft's Ivo Salmre, quoted in the article: "When a.Net component is installed onto the machine, the Global Assembly Cache looks at its version, its public key, its language information and creates a strong name for the component."
In a few cases in the past, backwards compatibility has been (slightly) broken by service packs and security fixes. How will they deal with that? Presumably, the public key of a library can be affected by a patch. If an application uses the strong binding to request a specific version of a DLL, does that mean that it will keep its own copy of the DLL without the patches? Or will it have to deal with potential incompatibilities introduced by the patches? How "strong" will this binding be?
And by the way, this idea looks rather similar to the usual UNIX shared libraries that allow an application to bind to libpng.so (version doesn't matter), libpng.so.1 (version 1 required) or libpng.so.1.0.89 (specific version and patchlevel required). The proposed system for DLLs does not seem to be very different from that.
Another advantage of not letting posts on future articles is that it will encourage subscribers who see the article early to actually think about their posts, instead of just firing something off.
Yes, this would be a very good thing. Give people more time to think about what they could write, instead of encouraging people to post as early as possible because they know that the first submissions are usually modded higher (if you exclude the FP trolls).
But instead of allowing posting, there could be a simple feedback system that would allow subscribers to contribute something to the articles that are not public yet...
Each future article could contain a very simple voting form, like this:
Good
Bad
Duplicate
Each subscriber has one vote (but can change it until the story is posted). The results of the vote would be seen by the editors during that feedback period, but would not be seen by anybody else. This gives an opportunity for the editors to reconsider the decision to post if too many people do not like the story, and it can also be an early warning system for duplicates. Once the story is posted, the vote ends and all data structures used during the feedback period could be discarded (to save some resources). Maybe the overall results of the vote could be kept somewhere.
It would also be possible to provide more options than the three examples shown above (e.g., option similars to the moderation system, or additional things like "Slow site" or "Better article can be found elsewhere"). If we want something more sophisticated, it could be possible for the subscribers to add a short comment (less than 100 characters) to their vote. This would also be seen by the editors, but not by anybody else. And it would also be discarded once the feedback period ends (when the article is posted).
The general idea is that the feedback period should be used for giving feedback to the editors. This should be simple and should not provide too many options so that the editors are not overwhelmed with the feedback they get. That's why I suggest some kind of voting system instead of allowing comments to be posted and visible by all.
Good question. The initial fork occured a few years ago, when a team of developers started to work on Gimp16 for adding 16-bit color channels into the GIMP. This was needed for editing films, but it was not appropriate at that time to integrate the new code into the core so this became a fork. However, the GIMP developers expected that the main GIMP code and Gimp16 (which was later called Hollywood Gimp, Gimp's Film Version and then FilmGimp) would converge later and that the core of GIMP 2.0 would support most of the features that were required for film editing (mainly 16-bit and floating point color channels). The user interface may have kept some differences due to the specific needs of film editors.
Unfortunately, for various reasons (political as well as technical), the gap between GIMP and FilmGimp widened a few months ago, soon after Robin Rowe took over the maintenance of FilmGimp and resurected the project that had not been very active in the last two years. There was some discussion about the fork on the GIMP developers mailing list in November and December last year (you can check the list archives here).
The conclusion was that the FilmGimp developers were not interested in bringing their code closer to the current GIMP, and there are too few people working on GEGL (the library that should bring 16-bit and float channels into the GIMP) so it will still take a while before the main GIMP code is suitable for film editing. I am still sad about the way this whole thing happened. I tried to bring the two projects closer to each other, but obviously I failed.
I don't know how the future will look like. I wish the CinePaint developers good luck (honestly) and I hope that they will be successful. This fork of the GIMP suits the specific needs of the film industry and I hope that many studios will be able to use it and do great stuff with it. However, I expect that most people interested in photo editing, web design and general graphic editing will find that the GIMP is more suitable for them than CinePaint.
By the way, if you want to know some of the plans for the future of the GIMP, I suggest that you have a look at developer.gimp.org. In particular, read the plans for the future of the GIMP, posted in December 2000 but still valid. Besides this, the developers mailing list and the list of enhancements submitted to Bugzilla are good sources of information.
But this sets a bad precedent. This is the first time (that I'm aware of) that a browser manufacturer intentionally made a browser that does NOT show what the server is sending to me.
This is exactly what they are trying to prove: any browser manufacturer could do this kind of things and everybody would lose in the end. Here is a quote from the Opera press release:
"This is a joke. However, we are trying to make an important point. The MSN site is sending Opera users what appear to be intentionally distorted pages. The Bork edition illustrates how browsers could also distort content, as the Bork edition does. The real point here is that the success of the Web depends on software and Web site developers behaving well and rising above corporate rivalry."
So they are fully aware of the consequences. They are releasing this as a joke to show how silly this could be and also to raise the awareness of this potential problem.
in reality, very few corporate apps are going to be run on multiple platforms
I disagree: my main workstation is running Solaris. I also have a Linux laptop on which I work when I am not in my office. My boss and most other people in the department are using
Win2K, although several of them are also working
on Linux. The corporate applications that I use
daily are cross-platform. Some of them are web-based in order to have an easy way to support all platforms, but some others (such as the one that we use for time reporting) are native applications that have been developed with support for multiple platforms.
So from my point of view, it does make sense to develop cross-platform applications. If you are using a good toolkit, this is not very difficult anyway.
Re:what about the technologies ? legal issues?
on
Dealers of Lightning
·
· Score: 0, Offtopic
I'd be curious to the voracity of that claim
I'd be careful, if I were you. You may be curious, but don't stay too close to that claim! If it is voracious, it might bite you.
The pad of older data in a 46 byte header can't contain a lot of data.
In addition, you also have to be able to get this
data. As mentioned by mmol_6453, you can only get
the Ethernet frames if you are on the same LAN or if
the victim is tunneling the Ethernet frames through
a VPN. If there is an IP router between you and the
victim, you will probably not be able to get the leaked bytes (and I am
glad to see that several routers listed in the
CERT advisory are not vulnerable).
The advisory says: "the leaked information may originate from dynamic kernel memory, from static system memory allocated to the device driver, or from a hardware buffer located on the network interface card.". If you are using a
broadcast Ethernet medium, then the leaked
information collected from the static memory of
the device driver or from the hardware buffer on
the NIC will probably be much less than what could
be collected by running a packet sniffer on the
same Ethernet segment, because the leaked bytes
will come from previous packets. However, this is
different if you are running a switched Ethernet
network (not broadcast) because the packet
sniffers are less useful in this case.
As I see it, the only real potential for
information leakage comes from the device drivers
that are leaking bytes from the dynamically
allocated kernel memory. Then you could get
almost anything from that machine, not only
something that is supposed to be sent over the
network. On the other hand, it is probably very
hard to predict what will be leaked.
It would be
interesting if the advisory could give a list of
operating systems that are leaking random
information from the kernel versus those that are
leaking information from the previous packets
(in the driver or in the NIC). I would be more
worried about the former than the latter.
Hmmm... You say that the elections for the GNOME board have been dominated by Sun, Ximian and RedHat. This is correct to some extent, although this should not be surprising if you take into account how much these companies have contributed to GNOME. But then you say that the "community of free volunteers has been basically sqashed" and the board is "controlled by major corporations." Did you forget that Ximian is a small company (not a major corporation) that was founded by several of the volunteers who started the GNOME project? They have decided to create a company because they have chosen this way of making a living. But they
started as free volunteers like you and me (although I do not know who you are, but I hope that you are an active contributor and not just someone who complains about something without having participated to it).
You could object that some of these companies are trying to promote their own interests in the GNOME board and are going against the community of volunteers. As far as I know, this is definitely not the case. I am generally happy with the decisions taken by the GNOME board and I am not associated with any of these companies. Also, I would like to mention that there is no "community of free volunteers" going against the corporate developers. There is only a community of GNOME developers (or several communities, if you take into account the applications such as the GIMP, Sodipodi and so on) and this community includes some people who are paid for working on these programs as well as many volunteers. And in almost every case, everybody is happy with that.
Read some serious newspapers.and you will notice they duplicate news as well, everytime maybe a bit from another view point, maybe a bit another focus, but the news is duplicated [...]
When several articles in the same newspaper talk
about the same thing, you get to read different
articles that have been written by one or several
authors. There is some new information in each of
these articles.
However, this is not the case when duplicate stories are posted here: there is not much information in the Slashdot story. Most of the time, is it only a link to the relevant article published on some other site. When two stories point to the same article, then the duplicates do not give you anything new.
So having two different articles about the same thing is not a problem because you can enjoy reading each article separately. But having two stories (two short paragraphs) on Slashdot pointing to exactly the same article is a waste of time and resources. And it feeds the trolls...
with xdocs MS is porting their MS Word.doc format to XML which will greatly increase interoperability on word docs
This conclusion is unfortunately wrong.
XML code can be just as proprietary as any
binary code, unless the corresponding
Schema or DTD is published together with good
instructions describing how to use it. Without
this, then having XML or having some unstructured
binary file does not make a big difference, except
for the fact that the XML code is human-readable
(readable does not mean understandable).
XML can help the interoperability between
products, to some extent. But only if the DTDs
are public so that the meaning of the XML code can
be decyphered.
Note that there are already a number of MS Word
import/export filters that are not too bad,
despite the fact that the file format is binary
(or RTF) and the specs are not published. I do
not think that XML will help them in any way. On
the contrary, one could think that this radical
change in file format may just be another way to
delay the competition.
I agree: W3C is under challenge from OASIS. One reason may be the membership fee, but this is probably not the most important one. OASIS does not have a royalty-free policy. Several companies are actively encouraging other W3C members to move some proposed standards to OASIS instead of W3C for that
reason.
So I am happy that the W3C has adopted this
patent-free policy. But there is a serious risk that more and more protocols and formats will be
standardized in OASIS (or IETF) instead of W3C
because the companies promoting these standards
do not want to give up on their patents.
I hope that someone will moderate you up because your comment is interesting, even if I disagree with it.
You are right about the fact that some people deserve to be paid for their work. Let's skip the debate about whether the price of CDs and DVDs is right or whether the publishers reward the artists correctly. In the end, we (the consumers) should pay for the content that we would like to listen to or watch. If the artist or publisher did not intend to distribute their work for free, then copying it from someone else is stealing, plain and simple. This is wrong and should be prevented or punished appropriately. So I fully agree with you on that part.
But there are many problems in the technical implementation and in the privacy risks associated with this DRM method (and most others).
Here is an example: if I read the description correctly, OpenMG X requires the player to exchange some information with a server in order to allow the content to be played. Do you remember DivX? Not the video codec, but the company that tried to rent encrypted discs and is now dead. If the company goes bust, then the players cannot contact the server and you would probably not be able to play the content that you paid for.
I also expect some problems if I would like to listen to the music or watch the video while I am sitting in a plane with my laptop or in some remote area from which I cannot connect to the server.
Also, as noted by many others, there are many copies that are not illegal. The protection scheme will probably allow some of them (maybe only one copy to another protected device) but will not allow all of the copies that would normally be considered as "fair use". I buy lots of CDs but I always make a copy of them if I want to listen to them in my car (otherwise they could be damaged by heat or dust). I also encode them as Ogg or MP3 if I want to listen to them on my laptop (because carrying the CDs when I travel is not very convenient). Note that only one of these copies is used at a given time. I bet that most of these copies would not be possible with this protected content. So if OpenMG X is successful and if in the future most of the content is protected or if the "best stuff" is only released with OpenMG X protection (or released first in that format and much later in some unprotected format), then my choices as a consumer would be significantly limited. I know that these reasons are often used by freeloaders who shout "fair use rights" whenever they are afraid that they would have to pay for the stuff that they are getting for free from their friends, but believe me: I'm not one of them and I am really concerned about the choices that would be available to me in the future.
Regarding the privacy risks, you do not have to be paranoid to imagine some of the things that could be done with your listening habits or with the "criminal record" listing the the number of times that you attempted to copy something. Beyond the marketing tricks (more junk mail or e-mail about "related products" that I am not interested in) there could be some issues if your personal data is not suitably protected or if it is incorrect because someone else used your equipment. Imagine, for example, that a friend of yours uses your player while you are not there and attempts to copy some content that you bought. He will not be able to do it (e.g., because the owner of the target device would not be the same as the owner of the content) but this attempt may be logged. If this happens several times, you could be blacklisted and later you would not be able to play your music anymore. This could happen if all devices or content could be linked to their "owner" (correctly or not).
You can also think about what could happen to your personal data if the company that owns the server does not protect it correctly. Or if the management of the company changes or if it is bought by another company. Do you want a future employer to know that you have been listening to or viewing some things that are not politically correct?
There are many other risks and problems associated with this and other DRM methods, but I should probably stop here because this comment is getting a bit long already...
It sounds like that as long as you don't use the MAGIQLIP software, you're fine.
Almost. The problem is: if you are not using the MAGIQLIP software, then you will not be able to listen to the music at all.
Tell me if I'm missing something here,
or they just thought up another half-assed copyright protection scheme.
Well, you will probably be missing the music. All this DRM stuff only makes sense if the the content is distributed is some encrypted format, in order to ensure that it is only possible to play it with software or devices that are DRM-enabled. Although I haven't seen it, I assume that this MAGIQLIP software is designed to play some files that have been encrypted, and the decryption key is only available if the player can validate your credentials by contacting Sony's server.
So if you do not use their software or if the software cannot communicate with Sony's server (e.g., because you are not connected to the Internet or because you are using a firewall), then you cannot listen to the music.
Basically, patenting something in software and then GPLing it means you're the only one who can write the code that does that, [...]
Sorry, but you are wrong. See my previous comment in this thread. According to section 7 of the GPL, you must distribute your code with a royalty-free license or not distribute it at all (or not under the GPL).
So now Secure Computing Corporation (SCC) can do several things:
Confirm their previous statement: "There will be no restrictions on the use of TE by the Linux open source community.". TE is the Type Enforcement technology on which they have a patent. Basically, the usage of TE in any GPL code (commercial or not) would be allowed.
Claim that they did not understand what the GPL implied and say that they never intended to allow a royalty-free usage of their patent in GPL software. They could then try to warn all those who have received a copy of their code and tell them to stop distributing it.
They have no other choice: either they comply with the GPL and allow royalty-free usage in any GPL code, or they cancel their contributions and stop the SELinux project. Given the nature of their contribution, the third option (releasing binary-only drivers under a proprietary license enforcing the patents without modifying the kernel) cannot be applied, so the options are limited for them.
Where is the problem exactly with patents in GPL-ed software?
You should read the GPL. In the introduction, it states: "We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all." For the details, you should check sections 7 and 8 of the GPL.
If a company has a patent on a software technique and writes and distributes GPL code to implement it, anybody can use this code. Or can't they?
Let's put this in a different way: if a company distributes some code for which they own a patent under the GPL, then the only way for them to comply with section 7 of the GPL is to allow royalty-free usage, redistribution and modification of the code. Otherwise, they would not be allowed to distribute the code under the GPL. They would have to stop distributing it, or change the license.
The article did say something about DRM, although this was only a brief mention. Quote: "The common standard also will solve such business issues as digital rights management and payment, officials said."
You can also have a look at the FAQ on the OMA web site:
Q: Which key enabling technologies are the priorities in the Open Mobile Alliance?
A: The companies involved in the alliance will decide the key enabling technologies jointly. However, it is evident that Multimedia Messaging (MMS), Java and WAP 2.0/XHTML browsing are among the most relevant ones. Some other technologies driving the mobile services market include service enablers such as Digital Rights Management (DRM), authentication, location and presence identification and device management.
It is not a secret that one of the (many) goals of the OMA is to allow some content providers such as Disney to sell their content to mobile users. That's why DRM is listed as one of the key enablers that will be standardized by the OMA.
Congratulations, you just defined why we have such a thing as patents. Patents protect an invention so that the inventor can enjoy a limited amount of time of exclusivity. If the author wants to let others use his invention for the cost of a license, great. If the poor free software developers can't afford the license, tough.
Wrong, wrong, wrong... Sure, the officially stated goal of the patent system is to protect the inventor (especially the "small inventor" who does not want his hard work to be stolen by a large company). Unfortunately, there is a big difference between theory and practice and we all know that in the end, the patents are disputed in courts where the companies sue and counter-sue each other. In many cases, the one who has the deepest pockets wins because the "small inventor" is forced to drop the case or to settle for something that less than ideal. Of course, eliminating patents completely would not be a good solution either, but at least the current patent system should be updated
Regarding the license fees, there is another (bigger) problem: the free software developers cannot pay the license fees because the licensing terms are almost always incompatible with the free distribution of the software. Most of the licensing mechanisms are based on royalties or on some variable fees that depend on the number of copies sold or distributed. This is not compatible with free software because the authors have no way to know how many copies of their software will be distributed. This does not work either if someone takes an existing software package and modifies it to create something new: who pays the license fees in this case? The original author who is not even aware of this new software? The new author? But then, when should the new software be considered "different enough" from the original package?
[...] ALL together forming the OS. In this sense, Linux/KDE and Linux/GNOME both constitute OSes on which the web browser cannot be removed.
There must be something wrong with my PC at home, then. I am running GNOME on my old PC and I did not install Nautilus, Mozilla or Galeon because they take too much disk space. Nothing prevented me from installing my GNOME system without these components. I do have lynx and the old Netscape 4.x installed, but I can remove them or replace them at any time because they are not integrated with the desktop environment.
So even if you consider Linux/KDE or Linux/GNOME as the "whole OS", you still get a system that allows you to remove or replace the browser at any time.
NOT TRUE. yast2 has several frontends, you can use it with a curses interface.
Yes, I know. This was already the case with SuSE 7.3. But in 7.3, several YaST2 packages (modules) had a depency on Qt, so installing YaST2 also meant that I would have been forced to install Qt, which is something that I wanted to avoid. Maybe this dependency has been removed in 8.0, so that I can still install my system without the Qt libraries. I have the SuSE 8.0 CDs and DVD now, so I will check that soon.
Also, why anyone would use SuSE and be opposed to QT libs is indeed quite strange. No rational decision obviously.
As I wrote in my previous comment, this is a personal choice. But there are some rational reasons for that: some of the machines on which I run Linux are rather old and have a rather slow CPU and not much disk space. Avoiding Qt makes sense on these machines. Also, some machines are used for cross-platform application development. Avoiding the installation of Qt is the best way to ensure that nothing that we develop will have some accidental dependencies on Qt (because there are still some licensing problems when developing Qt applications for Windows).
Even if I do not want to install the Qt libraries, there are some good reasons to use SuSE: it has a very good installation process, it comes with tons of applications pre-packaged, it has a good support for internationalization and the filesystem encryption is included in the default kernel. The last point is important for me because at work we use Linux on several laptops. If a laptop is stolen, then we loose one machine but at least we can be reasonably sure that no thief will be able to find some confidential data on the computer.
Slashdot Mirror
Here is an example: although the GIMP web site is hosted in the US, several of the most active developers are living and working in Europe. So after some discussion with the other developers, I decided to close the home page of www.gimp.org. Even if you live and work in the U.S., you could be affected because some software developed by many contributors from all around the world could cease to exist because of software patents affecting these developers.
Allowing patents on software and business methods in the U.S. was a bad idea. Several studies have shown that software patents in the U.S. have had a negative impact on the industry. But so far, the damage has been limited because these patents are not accepted worldwide. So in many cases, a company that was more interested in litigation than real innovation was not able to sue the developers who (unknowingly) infringed on its patents because some or all of them were not in the U.S. But this could be different if these patents were valid worldwide (WIPO). The patent holders would have a bigger chance to hit the small companies and small developers, especially those working on Open Source or Free Software (because they cannot buy a license or pay royalties for all potential users).
This protest against the changes in the European law would also be a good way to promote a necessary reform of the U.S. patent system. A growing number of economists in the U.S. are raising their voice against the patentability of software. A clear sign coming from Europe could also help the U.S. industry in the long run.
Some people hide in their shell when their neighbors are threatened. Some people try to help them because they know that they could be affected directly or indirectly. The choice is yours.
I replaced that paragraph by something more appropriate.
Well, the GIMP website is not hosted in Europe either, but a large number of GIMP developers are living and working in Europe. So I have replaced the home page by an appropriate message, as you can see by visiting it now.
Unfortunately, this is already happening. Look at the Web Services area. OASIS has taken the lead for the standardization of most Web Services technologies working on top of SOAP (UDDI, ebXML, SAML, XACML, etc.) Is it a coincidence that OASIS has a RAND policy instead of a royalty-free policy?
Is is a coincidence that some large companies pulled out of W3C and moved to OASIS? Of course, there are other reasons than the patent policy. The high membership fees of the W3C may be working against it. Also, some political wars between IBM, Microsoft and Sun can explain why some discussions started in some W3C working groups were killed and moved to OASIS. But still, I am hoping that W3C can regain some of the influence that it has lost in the recent months. Otherwise, the royalty-free policy may be largely irrelevant.
You are right. A better title for this article would be: "St.Clair wins $25M from Sony for digital camera patent".
The headline and the text of the Slashdot submission are wrong. Sony paid $16M to Forgent Network some time ago as part of an out-of-court settlement. But this article is about a different company: St. Clair Intellectual Property Consultants Inc. of Grosse Pointe, Mich. That company is the one that has won $25M in court.
Please read the text of the article and the press release appended to it, and you will see a different story than the one given in the Slashdot submission. The press release contains a quote saying: "this lawsuit is similar to out-of-court settlements reached by Forgent Networks and Dallas based law firm [...]" but the two cases are different. They are both bad, but the companies are different.
According to Microsoft's Ivo Salmre, quoted in the article: "When a .Net component is installed onto the machine, the Global Assembly Cache looks at its version, its public key, its language information and creates a strong name for the component."
In a few cases in the past, backwards compatibility has been (slightly) broken by service packs and security fixes. How will they deal with that? Presumably, the public key of a library can be affected by a patch. If an application uses the strong binding to request a specific version of a DLL, does that mean that it will keep its own copy of the DLL without the patches? Or will it have to deal with potential incompatibilities introduced by the patches? How "strong" will this binding be?
And by the way, this idea looks rather similar to the usual UNIX shared libraries that allow an application to bind to libpng.so (version doesn't matter), libpng.so.1 (version 1 required) or libpng.so.1.0.89 (specific version and patchlevel required). The proposed system for DLLs does not seem to be very different from that.
Yes, this would be a very good thing. Give people more time to think about what they could write, instead of encouraging people to post as early as possible because they know that the first submissions are usually modded higher (if you exclude the FP trolls).
But instead of allowing posting, there could be a simple feedback system that would allow subscribers to contribute something to the articles that are not public yet...
Each future article could contain a very simple voting form, like this:
Each subscriber has one vote (but can change it until the story is posted). The results of the vote would be seen by the editors during that feedback period, but would not be seen by anybody else. This gives an opportunity for the editors to reconsider the decision to post if too many people do not like the story, and it can also be an early warning system for duplicates. Once the story is posted, the vote ends and all data structures used during the feedback period could be discarded (to save some resources). Maybe the overall results of the vote could be kept somewhere.
It would also be possible to provide more options than the three examples shown above (e.g., option similars to the moderation system, or additional things like "Slow site" or "Better article can be found elsewhere"). If we want something more sophisticated, it could be possible for the subscribers to add a short comment (less than 100 characters) to their vote. This would also be seen by the editors, but not by anybody else. And it would also be discarded once the feedback period ends (when the article is posted).
The general idea is that the feedback period should be used for giving feedback to the editors. This should be simple and should not provide too many options so that the editors are not overwhelmed with the feedback they get. That's why I suggest some kind of voting system instead of allowing comments to be posted and visible by all.
Good question. The initial fork occured a few years ago, when a team of developers started to work on Gimp16 for adding 16-bit color channels into the GIMP. This was needed for editing films, but it was not appropriate at that time to integrate the new code into the core so this became a fork. However, the GIMP developers expected that the main GIMP code and Gimp16 (which was later called Hollywood Gimp, Gimp's Film Version and then FilmGimp) would converge later and that the core of GIMP 2.0 would support most of the features that were required for film editing (mainly 16-bit and floating point color channels). The user interface may have kept some differences due to the specific needs of film editors.
Unfortunately, for various reasons (political as well as technical), the gap between GIMP and FilmGimp widened a few months ago, soon after Robin Rowe took over the maintenance of FilmGimp and resurected the project that had not been very active in the last two years. There was some discussion about the fork on the GIMP developers mailing list in November and December last year (you can check the list archives here). The conclusion was that the FilmGimp developers were not interested in bringing their code closer to the current GIMP, and there are too few people working on GEGL (the library that should bring 16-bit and float channels into the GIMP) so it will still take a while before the main GIMP code is suitable for film editing. I am still sad about the way this whole thing happened. I tried to bring the two projects closer to each other, but obviously I failed.
I don't know how the future will look like. I wish the CinePaint developers good luck (honestly) and I hope that they will be successful. This fork of the GIMP suits the specific needs of the film industry and I hope that many studios will be able to use it and do great stuff with it. However, I expect that most people interested in photo editing, web design and general graphic editing will find that the GIMP is more suitable for them than CinePaint.
By the way, if you want to know some of the plans for the future of the GIMP, I suggest that you have a look at developer.gimp.org. In particular, read the plans for the future of the GIMP, posted in December 2000 but still valid. Besides this, the developers mailing list and the list of enhancements submitted to Bugzilla are good sources of information.
This is exactly what they are trying to prove: any browser manufacturer could do this kind of things and everybody would lose in the end. Here is a quote from the Opera press release:
So they are fully aware of the consequences. They are releasing this as a joke to show how silly this could be and also to raise the awareness of this potential problem.
I disagree: my main workstation is running Solaris. I also have a Linux laptop on which I work when I am not in my office. My boss and most other people in the department are using Win2K, although several of them are also working on Linux. The corporate applications that I use daily are cross-platform. Some of them are web-based in order to have an easy way to support all platforms, but some others (such as the one that we use for time reporting) are native applications that have been developed with support for multiple platforms.
So from my point of view, it does make sense to develop cross-platform applications. If you are using a good toolkit, this is not very difficult anyway.
I'd be careful, if I were you. You may be curious, but don't stay too close to that claim! If it is voracious, it might bite you.
Oh, you meant veracity, not voracity? Sorry... ;-)
In addition, you also have to be able to get this data. As mentioned by mmol_6453, you can only get the Ethernet frames if you are on the same LAN or if the victim is tunneling the Ethernet frames through a VPN. If there is an IP router between you and the victim, you will probably not be able to get the leaked bytes (and I am glad to see that several routers listed in the CERT advisory are not vulnerable).
The advisory says: "the leaked information may originate from dynamic kernel memory, from static system memory allocated to the device driver, or from a hardware buffer located on the network interface card.". If you are using a broadcast Ethernet medium, then the leaked information collected from the static memory of the device driver or from the hardware buffer on the NIC will probably be much less than what could be collected by running a packet sniffer on the same Ethernet segment, because the leaked bytes will come from previous packets. However, this is different if you are running a switched Ethernet network (not broadcast) because the packet sniffers are less useful in this case.
As I see it, the only real potential for information leakage comes from the device drivers that are leaking bytes from the dynamically allocated kernel memory. Then you could get almost anything from that machine, not only something that is supposed to be sent over the network. On the other hand, it is probably very hard to predict what will be leaked.
It would be interesting if the advisory could give a list of operating systems that are leaking random information from the kernel versus those that are leaking information from the previous packets (in the driver or in the NIC). I would be more worried about the former than the latter.
Hmmm... You say that the elections for the GNOME board have been dominated by Sun, Ximian and RedHat. This is correct to some extent, although this should not be surprising if you take into account how much these companies have contributed to GNOME. But then you say that the "community of free volunteers has been basically sqashed" and the board is "controlled by major corporations." Did you forget that Ximian is a small company (not a major corporation) that was founded by several of the volunteers who started the GNOME project? They have decided to create a company because they have chosen this way of making a living. But they started as free volunteers like you and me (although I do not know who you are, but I hope that you are an active contributor and not just someone who complains about something without having participated to it).
You could object that some of these companies are trying to promote their own interests in the GNOME board and are going against the community of volunteers. As far as I know, this is definitely not the case. I am generally happy with the decisions taken by the GNOME board and I am not associated with any of these companies. Also, I would like to mention that there is no "community of free volunteers" going against the corporate developers. There is only a community of GNOME developers (or several communities, if you take into account the applications such as the GIMP, Sodipodi and so on) and this community includes some people who are paid for working on these programs as well as many volunteers. And in almost every case, everybody is happy with that.
When several articles in the same newspaper talk about the same thing, you get to read different articles that have been written by one or several authors. There is some new information in each of these articles.
However, this is not the case when duplicate stories are posted here: there is not much information in the Slashdot story. Most of the time, is it only a link to the relevant article published on some other site. When two stories point to the same article, then the duplicates do not give you anything new.
So having two different articles about the same thing is not a problem because you can enjoy reading each article separately. But having two stories (two short paragraphs) on Slashdot pointing to exactly the same article is a waste of time and resources. And it feeds the trolls...
selectspec wrote:
This conclusion is unfortunately wrong. XML code can be just as proprietary as any binary code, unless the corresponding Schema or DTD is published together with good instructions describing how to use it. Without this, then having XML or having some unstructured binary file does not make a big difference, except for the fact that the XML code is human-readable (readable does not mean understandable).
XML can help the interoperability between products, to some extent. But only if the DTDs are public so that the meaning of the XML code can be decyphered.
Note that there are already a number of MS Word import/export filters that are not too bad, despite the fact that the file format is binary (or RTF) and the specs are not published. I do not think that XML will help them in any way. On the contrary, one could think that this radical change in file format may just be another way to delay the competition.
I agree: W3C is under challenge from OASIS. One reason may be the membership fee, but this is probably not the most important one. OASIS does not have a royalty-free policy. Several companies are actively encouraging other W3C members to move some proposed standards to OASIS instead of W3C for that reason.
So I am happy that the W3C has adopted this patent-free policy. But there is a serious risk that more and more protocols and formats will be standardized in OASIS (or IETF) instead of W3C because the companies promoting these standards do not want to give up on their patents.
I hope that someone will moderate you up because your comment is interesting, even if I disagree with it.
You are right about the fact that some people deserve to be paid for their work. Let's skip the debate about whether the price of CDs and DVDs is right or whether the publishers reward the artists correctly. In the end, we (the consumers) should pay for the content that we would like to listen to or watch. If the artist or publisher did not intend to distribute their work for free, then copying it from someone else is stealing, plain and simple. This is wrong and should be prevented or punished appropriately. So I fully agree with you on that part.
But there are many problems in the technical implementation and in the privacy risks associated with this DRM method (and most others).
Here is an example: if I read the description correctly, OpenMG X requires the player to exchange some information with a server in order to allow the content to be played. Do you remember DivX? Not the video codec, but the company that tried to rent encrypted discs and is now dead. If the company goes bust, then the players cannot contact the server and you would probably not be able to play the content that you paid for.
I also expect some problems if I would like to listen to the music or watch the video while I am sitting in a plane with my laptop or in some remote area from which I cannot connect to the server.
Also, as noted by many others, there are many copies that are not illegal. The protection scheme will probably allow some of them (maybe only one copy to another protected device) but will not allow all of the copies that would normally be considered as "fair use". I buy lots of CDs but I always make a copy of them if I want to listen to them in my car (otherwise they could be damaged by heat or dust). I also encode them as Ogg or MP3 if I want to listen to them on my laptop (because carrying the CDs when I travel is not very convenient). Note that only one of these copies is used at a given time. I bet that most of these copies would not be possible with this protected content. So if OpenMG X is successful and if in the future most of the content is protected or if the "best stuff" is only released with OpenMG X protection (or released first in that format and much later in some unprotected format), then my choices as a consumer would be significantly limited. I know that these reasons are often used by freeloaders who shout "fair use rights" whenever they are afraid that they would have to pay for the stuff that they are getting for free from their friends, but believe me: I'm not one of them and I am really concerned about the choices that would be available to me in the future.
Regarding the privacy risks, you do not have to be paranoid to imagine some of the things that could be done with your listening habits or with the "criminal record" listing the the number of times that you attempted to copy something. Beyond the marketing tricks (more junk mail or e-mail about "related products" that I am not interested in) there could be some issues if your personal data is not suitably protected or if it is incorrect because someone else used your equipment. Imagine, for example, that a friend of yours uses your player while you are not there and attempts to copy some content that you bought. He will not be able to do it (e.g., because the owner of the target device would not be the same as the owner of the content) but this attempt may be logged. If this happens several times, you could be blacklisted and later you would not be able to play your music anymore. This could happen if all devices or content could be linked to their "owner" (correctly or not).
You can also think about what could happen to your personal data if the company that owns the server does not protect it correctly. Or if the management of the company changes or if it is bought by another company. Do you want a future employer to know that you have been listening to or viewing some things that are not politically correct?
There are many other risks and problems associated with this and other DRM methods, but I should probably stop here because this comment is getting a bit long already...
Almost. The problem is: if you are not using the MAGIQLIP software, then you will not be able to listen to the music at all.
Well, you will probably be missing the music. All this DRM stuff only makes sense if the the content is distributed is some encrypted format, in order to ensure that it is only possible to play it with software or devices that are DRM-enabled. Although I haven't seen it, I assume that this MAGIQLIP software is designed to play some files that have been encrypted, and the decryption key is only available if the player can validate your credentials by contacting Sony's server.
So if you do not use their software or if the software cannot communicate with Sony's server (e.g., because you are not connected to the Internet or because you are using a firewall), then you cannot listen to the music.
Sorry, but you are wrong. See my previous comment in this thread. According to section 7 of the GPL, you must distribute your code with a royalty-free license or not distribute it at all (or not under the GPL).
So now Secure Computing Corporation (SCC) can do several things:
They have no other choice: either they comply with the GPL and allow royalty-free usage in any GPL code, or they cancel their contributions and stop the SELinux project. Given the nature of their contribution, the third option (releasing binary-only drivers under a proprietary license enforcing the patents without modifying the kernel) cannot be applied, so the options are limited for them.
You should read the GPL. In the introduction, it states: "We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all." For the details, you should check sections 7 and 8 of the GPL.
Let's put this in a different way: if a company distributes some code for which they own a patent under the GPL, then the only way for them to comply with section 7 of the GPL is to allow royalty-free usage, redistribution and modification of the code. Otherwise, they would not be allowed to distribute the code under the GPL. They would have to stop distributing it, or change the license.
The article did say something about DRM, although this was only a brief mention. Quote: "The common standard also will solve such business issues as digital rights management and payment, officials said."
You can also have a look at the FAQ on the OMA web site:
It is not a secret that one of the (many) goals of the OMA is to allow some content providers such as Disney to sell their content to mobile users. That's why DRM is listed as one of the key enablers that will be standardized by the OMA.
Wrong, wrong, wrong... Sure, the officially stated goal of the patent system is to protect the inventor (especially the "small inventor" who does not want his hard work to be stolen by a large company). Unfortunately, there is a big difference between theory and practice and we all know that in the end, the patents are disputed in courts where the companies sue and counter-sue each other. In many cases, the one who has the deepest pockets wins because the "small inventor" is forced to drop the case or to settle for something that less than ideal. Of course, eliminating patents completely would not be a good solution either, but at least the current patent system should be updated
Regarding the license fees, there is another (bigger) problem: the free software developers cannot pay the license fees because the licensing terms are almost always incompatible with the free distribution of the software. Most of the licensing mechanisms are based on royalties or on some variable fees that depend on the number of copies sold or distributed. This is not compatible with free software because the authors have no way to know how many copies of their software will be distributed. This does not work either if someone takes an existing software package and modifies it to create something new: who pays the license fees in this case? The original author who is not even aware of this new software? The new author? But then, when should the new software be considered "different enough" from the original package?
There must be something wrong with my PC at home, then. I am running GNOME on my old PC and I did not install Nautilus, Mozilla or Galeon because they take too much disk space. Nothing prevented me from installing my GNOME system without these components. I do have lynx and the old Netscape 4.x installed, but I can remove them or replace them at any time because they are not integrated with the desktop environment.
So even if you consider Linux/KDE or Linux/GNOME as the "whole OS", you still get a system that allows you to remove or replace the browser at any time.
Yes, I know. This was already the case with SuSE 7.3. But in 7.3, several YaST2 packages (modules) had a depency on Qt, so installing YaST2 also meant that I would have been forced to install Qt, which is something that I wanted to avoid. Maybe this dependency has been removed in 8.0, so that I can still install my system without the Qt libraries. I have the SuSE 8.0 CDs and DVD now, so I will check that soon.
As I wrote in my previous comment, this is a personal choice. But there are some rational reasons for that: some of the machines on which I run Linux are rather old and have a rather slow CPU and not much disk space. Avoiding Qt makes sense on these machines. Also, some machines are used for cross-platform application development. Avoiding the installation of Qt is the best way to ensure that nothing that we develop will have some accidental dependencies on Qt (because there are still some licensing problems when developing Qt applications for Windows).
Even if I do not want to install the Qt libraries, there are some good reasons to use SuSE: it has a very good installation process, it comes with tons of applications pre-packaged, it has a good support for internationalization and the filesystem encryption is included in the default kernel. The last point is important for me because at work we use Linux on several laptops. If a laptop is stolen, then we loose one machine but at least we can be reasonably sure that no thief will be able to find some confidential data on the computer.