Free software actually is about innovation. It's not necessarily about major innovations, but difference between Free Software and freeware is really that Free Software is available to be innovated upon. The idea is that just having software is not very worthwhile if you are unable to make it solve your problem, and everyone has a slightly different problem to solve. Making software solve a new problem is innovation, no matter who does it.
Quote from Jeff Garzik, the networking device maintainer for the Linux kernel, who is not a git developer:
Under BitKeeper, I made these repositories available merged together into one big "netdev-2.6" repository because it was too time consuming to make the individual 50+ trees publicly available. With git, developers have direct access to the individual trees.
That's innovation, and it was only possible because the end user had the necessary access. BitKeeper was good software, and it was available to most people (including Jeff), but this innovation wasn't possible in the closed environment.
You can't really trust a person, either; the patents might be inherited by someone less moral, or they might be seized in payment for debts, or something. You can't really trust a patent holder; you can only really trust a license. The Nokia press release doesn't really count, but it's hard to blame them: there isn't a OSS-industry-standard patent license like the GPL is for copyright that we can request that they license their patents under.
Which do you think has the logical position? The FSF says that software patents are bad, but people have to play the system as it stands, and the best defense for Free Software against companies with software patents is to have software patents as well. Nokia supports software patents as defensive patents, but they're primarily a software-on-dedicated-hardware company worried about hardware companies with patents. The only instance I know of Nokia enfocing their patents is over GSM and GPRS, which is fundamentally a hardware thing (at least, nobody's built a purely software system that does RF fast enough to be in that band). Remember that the company that had the LZW patent (which applied to GIF) was fundamentally a hardware company, and mostly licensed it to companies producing communications devices using compression. It seems reasonable for Nokia to want something in their field to cross-license with companies that do some software and primarily research hardware.
Now, if there were a substantial lobby against having patents of any sort, and Nokia didn't join it, their defensive patent argument would be inconsistent.
(My personal position is that software should be exempt from the possibility of infringing patents; software patents should be allowed, but they would only be meaningful if the techniques were implemented as hardware, and patented hardware techniques implemented as software would by safe. Patents fundamentally apply to techniques, and a given technique could be used in either software or hardware. The right defense for sfotware is, therefore, an exemption for software implementations, rather than an attempt to prohibit patents which specify software).
The FSF currently advises free software developers to get defensive software patents (Eben Moglen mentioned this during linux.conf.au, as reported partway through the article about his talk on this page). Of course, there's a difference between simply not asserting patents and licensing them under appropriate terms. It would be nice if the FSF were to propose a license for making patents available to GPL code, so that we get actual standardized licenses instead of vague statements.
Your problem is that you installed Knoppix on the machines. Really, it's meant to be run off of the CD (and only one CD per sysadmin). That means that people won't generally have to deal with the extra productivity except in emergencies.
These countries are also supposed to enforce the laws that require people to pay for Microsoft's products. Software is not a good business to be in if you owe the courts more than any possible judgement against copyright infringers, especially if people don't consider paying for your software the honest thing to do. It's not like selling steel or something where you can just not ship it to people who aren't going to pay.
Actually, there are a number of non-SUM banks in MA. US Trust is one, and there's the one with the lighthouse logo whose name I can't remember. You actually have to find your bank if you use one of these and don't want to pay surcharges. It's basically, if you use a Big Bank, you need to use your bank's ATM, and if you use a small bank, you need to use a small bank's ATM.
(Also, SUM is actually a subset of NYCE, not a separate network, and there are other ATMs that charge everyone in certain convenient locations; e.g., the one at Tavern on the Square in Central Square, or the Wainwright in Harvard Square (maybe just one of their machines, though))
Aside from using xscale in iPods or other handhelds, they could be looking at Intel for graphics and sound hardware, USB drivers, PCI bridges, or any of a number of other purposes. It's not like Intel exclusively makes x86 processors.
I believe that all of the Linux distributions that support automatic updates support having them come from a local server which mirrors the distro server. That's one advantage of GPL software; it is legally completely fine to redistribute it, and vendors are less likely to make it inconvenient.
There isn't any trust between servers, but a server knows that any identity at a particular server trusts that server, and therefore that the remote server is sufficient to authenticate that identity. If I claim to be iabervon@slashdot.org, and slashdot.org agrees, that should be enough for anybody. Of course, some other site is unlikely to care if I'm iabervon@slashdot.org or not, unless, during an interaction with the site, I tell it to authorize iabervon@slashdot.org as me, because I (the user in the interaction) trust slashdot to identify me.
For example, if I post a comment on groklaw as iabervon@slashdot.org, I could edit it with the same identity but other people wouldn't be able to convince groklaw that they were me, even without any particular trust between sites. If I trust my own server to identify me, and I trust Amazon to have my credit card info, and I tell Amazon that I trust my server to identify me (before I give it my credit card info), it doesn't need to trust my server itself.
There is no feasible way of identifying a unique person presently. Fortunately, few entities care (one is the IRS, which wants to prevent individuals from splitting their income and lowering their tax brackets; another is law enforcement, which doesn't want people to be able to start over with a new identity).
For most things, the only thing that matters is that the site can determine that some entity that claims to have been there before is back. Identity is about telling that things are the same, not about telling that things are different.
Do you think that a WLAN card chipset should be patentable if it uses an ASIC but not if it's all microcontroller? What about an FPGA? What about an ASIC that was originally designed as an FPGA program and then produced more efficiently an an ASIC in the devices people buy.
Personally, I think that the right thing is to simply exempt anything running on a CPU which, as distributed, can be made to run different instructions from patent infringement claims. Let people patent compression techniques all they want, so long as the patent is only meaningful against special-purpose devices built for that technique.
Linus probably would do something about this if all the cryptographers in the whole world said it mattered. But, so far, Percival is the only person who seems to think it's actually a problem. Nothing on the subject from Bruce Schneier. And, while he says Linus should talk to the SELinux people, he probably doesn't realize that they have almost certainly heard about this and didn't comment in the thread.
It wouldn't be hard to have an option to prevent processes with different owners from running on the same physical CPU at the same time. It wouldn't even affect the case that Linus mentioned. But cryptographers don't seem to think it's a plausible attack anyway, aside from carefully arranged conditions. The discussion was entirely over whether it would be less foolish to prevent it in the kernel or in userspace, and nobody seems to have argued that anything should be done at all.
The thing that Dvorak is missing is this it wasn't the Linux community that got O'Gara fired. It was primarily the other editorial staff and the advertizers. Dvorak seems to think that doing anything you can to get people to read your column is okay, even if it offends your publishers and your advertizers. He seems to miss that having your ad appear to go along with criminal conduct is not something that most people are willing to pay for. Nobody wants to put product placement in the Abu Gharib photos, even though they've been seen by many people.
Of course, he understands this himself, even if he doesn't base his article on it. He could get a lot more "veiled threats of lawsuits" to report about if he wanted by stealing mail from the Linux community or stalking people, but he's smart enough not to do it himself or report the details which would make him liable and his publisher uncomfortable.
So you're looking for a solution for automatically updating non-Microsoft software on Windows? I wouldn't be too surprised if it was impossible, and you're unlikely to get much good advise from Slashdot on the subject.
Except, perhaps, if you have a sufficiently fast network, you could possibly have everyone run the software in question off of a central fileserver, which you could then update easily by hand. Having just upgraded my Linux Firefox using tar accidentally ("I'll just untar this, then change my symlinks to point to the new version, then restart Firefox. Oops, all of the different versions have the same directory names in their tarballs. Hmm, Firefox crashes if you overwrite all its files. Oh well, the new version starts up fine..."), it seems like it's not necessary to run programs to upgrade if you can change what people run directly.
Cream soda spilled into a Model M will slow it down for a while. It'll be fine electrically, but the keys won't come back up unless you pull on them. After some time, the stickiness will wear away, and it'll be back to normal. They don't quite laugh at everything; there are some things they grumble about.
Actually, you wouldn't be substantially damaged by ultraviolet radiation in this simulation; it simulates lowering the speed of light, which means that radiation of a given wavelength has less energy by a factor of 22 million, assuming that it colors things based on wavelength, which is reasonable for most sources of colored light; although radiation from state transitions would have the same energy and frequency, so the sun would be mostly invisible (gamma-ray wavelength) and TV transmitters would glow visibly.
This is not the case (and it would be difficult for a security flaw of this sort to escape notice, because if there was some way of getting values out of the cache that aren't in your address space, it would happen all the time accidentally).
It turns out to be based on figuring out how much of your cache has been invalidated, which corresponds to how much memory the other process has used, which, for OpenSSL, is different depending on whether it used a multiply or a sqaure, which depends on bits in the private key it is using.
It is essentially similar to the power analysis attacks on smartcards, except with memory usage instead of power consumption.
This only affects a relatively odd combination of features, so it's probably not a big deal for actual users. On the other hand, it is a flaw in the standard to claim that you can get confidentiality without integrity, when, in fact, that means that your data can be replaced with a request to decrypt your earlier packets, and you'll do so. Of course, integrity would only be disabled in a specialized application (where you expect to be able to deal with mangled data), and IPSec is generally deployed in cases where a variety of applications will use the channel.
It's extremely difficult to design a cryptosystem with optional features, because the security of various techniques tends to depend on properties provided by other techniques, and it's difficult to determine, especially in a committee, whether these properties are provided for the proper function of the system or because the end user is likely to want them.
The odd thing about Jedi using light sabers is that they don't bother with blasters at all. Blasters are obviously more available, and they would be useful if you're fighting some non-Jedi at a distance in some direction you weren't planning to go.
The other odd thing is that it should be possible to disengage a block by turning your light saber off momentarily or shortening it. It also shouldn't matter how much momentum a light saber has when making a cut, so fights should look like fencing matches, where the main idea is to get in a flick to the wrist and cut off your opponent's sword hand. The Jedi's sword techniques just don't take into account the particular properties of their weapons.
The point of this center existing is to provide legal assistance to open source projects. They get donations to do so, both from individuals and from corporations who want open source projects they might use to not collapse under legal pressure.
This isn't really like an angel investment; it's more like a non-profit organization.
It used to be that there were a lot of games that were not terribly behind the technology curve and were at least somewhat educational. This field really needs to be revived.
I'd like to see an RTS game where you could tell units to follow programs you'd written ahead of time in Java. You could play it just like a regular RTS, but you'd get completely crushed by the players who'd taught their units to fight effectively without any player attention.
Similar stuff could be done with an FPS in which you could program robots and equipment built into levels. I bet you could induce panic attacks in practically everyone by making them debug their code with a time limit while simultaneously listening for approaching monsters.
I think you'd get a lot of the people who want to play games writing code if the games started out easy, with automating things an option, and progressed to totally impossible without substantial code, by way of areas that are difficult without some easy code.
The US has a much lower standard for statements. The UK version is a bit flaky, since it would mean that anyone found innocent of a crime had been slandered by the prosecution in the court records. A more reasonable standard would be probable cause, which is where the police are supposed to start making statements about you.
In any case, it's generally considered impractical to prove libel or slander in the US. In practice, things only get as far as lying sources getting discreditted outside of court, which generally means journalists losing their jobs.
You realized it at some point after the first book? I thought that only the first book was particularly obvious, and anyone who didn't pick up on the resurrection bit wasn't going to notice later.
I'd actually claim that native non-christians in british colonies get a christian upbringing; it's not about being christian, but about having a curriculum set by christians. Conversely, in much of the US, people are expected to be taught about christianity outside of school, and school is expected to be secular, so the literature chosen doesn't depend all that much on christian elements. And, of course, the christians often skip bible school, and, as a result, you probably know more about christianity than most american christians.
Slashdot Mirror
Quote from Jeff Garzik, the networking device maintainer for the Linux kernel, who is not a git developer:
That's innovation, and it was only possible because the end user had the necessary access. BitKeeper was good software, and it was available to most people (including Jeff), but this innovation wasn't possible in the closed environment.
You can't really trust a person, either; the patents might be inherited by someone less moral, or they might be seized in payment for debts, or something. You can't really trust a patent holder; you can only really trust a license. The Nokia press release doesn't really count, but it's hard to blame them: there isn't a OSS-industry-standard patent license like the GPL is for copyright that we can request that they license their patents under.
Which do you think has the logical position? The FSF says that software patents are bad, but people have to play the system as it stands, and the best defense for Free Software against companies with software patents is to have software patents as well. Nokia supports software patents as defensive patents, but they're primarily a software-on-dedicated-hardware company worried about hardware companies with patents. The only instance I know of Nokia enfocing their patents is over GSM and GPRS, which is fundamentally a hardware thing (at least, nobody's built a purely software system that does RF fast enough to be in that band). Remember that the company that had the LZW patent (which applied to GIF) was fundamentally a hardware company, and mostly licensed it to companies producing communications devices using compression. It seems reasonable for Nokia to want something in their field to cross-license with companies that do some software and primarily research hardware.
Now, if there were a substantial lobby against having patents of any sort, and Nokia didn't join it, their defensive patent argument would be inconsistent.
(My personal position is that software should be exempt from the possibility of infringing patents; software patents should be allowed, but they would only be meaningful if the techniques were implemented as hardware, and patented hardware techniques implemented as software would by safe. Patents fundamentally apply to techniques, and a given technique could be used in either software or hardware. The right defense for sfotware is, therefore, an exemption for software implementations, rather than an attempt to prohibit patents which specify software).
The FSF currently advises free software developers to get defensive software patents (Eben Moglen mentioned this during linux.conf.au, as reported partway through the article about his talk on this page). Of course, there's a difference between simply not asserting patents and licensing them under appropriate terms. It would be nice if the FSF were to propose a license for making patents available to GPL code, so that we get actual standardized licenses instead of vague statements.
I hear gallium is good for overheated electronics...
Your problem is that you installed Knoppix on the machines. Really, it's meant to be run off of the CD (and only one CD per sysadmin). That means that people won't generally have to deal with the extra productivity except in emergencies.
These countries are also supposed to enforce the laws that require people to pay for Microsoft's products. Software is not a good business to be in if you owe the courts more than any possible judgement against copyright infringers, especially if people don't consider paying for your software the honest thing to do. It's not like selling steel or something where you can just not ship it to people who aren't going to pay.
Actually, there are a number of non-SUM banks in MA. US Trust is one, and there's the one with the lighthouse logo whose name I can't remember. You actually have to find your bank if you use one of these and don't want to pay surcharges. It's basically, if you use a Big Bank, you need to use your bank's ATM, and if you use a small bank, you need to use a small bank's ATM.
(Also, SUM is actually a subset of NYCE, not a separate network, and there are other ATMs that charge everyone in certain convenient locations; e.g., the one at Tavern on the Square in Central Square, or the Wainwright in Harvard Square (maybe just one of their machines, though))
Aside from using xscale in iPods or other handhelds, they could be looking at Intel for graphics and sound hardware, USB drivers, PCI bridges, or any of a number of other purposes. It's not like Intel exclusively makes x86 processors.
I believe that all of the Linux distributions that support automatic updates support having them come from a local server which mirrors the distro server. That's one advantage of GPL software; it is legally completely fine to redistribute it, and vendors are less likely to make it inconvenient.
There isn't any trust between servers, but a server knows that any identity at a particular server trusts that server, and therefore that the remote server is sufficient to authenticate that identity. If I claim to be iabervon@slashdot.org, and slashdot.org agrees, that should be enough for anybody. Of course, some other site is unlikely to care if I'm iabervon@slashdot.org or not, unless, during an interaction with the site, I tell it to authorize iabervon@slashdot.org as me, because I (the user in the interaction) trust slashdot to identify me.
For example, if I post a comment on groklaw as iabervon@slashdot.org, I could edit it with the same identity but other people wouldn't be able to convince groklaw that they were me, even without any particular trust between sites. If I trust my own server to identify me, and I trust Amazon to have my credit card info, and I tell Amazon that I trust my server to identify me (before I give it my credit card info), it doesn't need to trust my server itself.
There is no feasible way of identifying a unique person presently. Fortunately, few entities care (one is the IRS, which wants to prevent individuals from splitting their income and lowering their tax brackets; another is law enforcement, which doesn't want people to be able to start over with a new identity).
For most things, the only thing that matters is that the site can determine that some entity that claims to have been there before is back. Identity
is about telling that things are the same, not about telling that things are different.
Do you think that a WLAN card chipset should be patentable if it uses an ASIC but not if it's all microcontroller? What about an FPGA? What about an ASIC that was originally designed as an FPGA program and then produced more efficiently an an ASIC in the devices people buy.
Personally, I think that the right thing is to simply exempt anything running on a CPU which, as distributed, can be made to run different instructions from patent infringement claims. Let people patent compression techniques all they want, so long as the patent is only meaningful against special-purpose devices built for that technique.
Linus probably would do something about this if all the cryptographers in the whole world said it mattered. But, so far, Percival is the only person who seems to think it's actually a problem. Nothing on the subject from Bruce Schneier. And, while he says Linus should talk to the SELinux people, he probably doesn't realize that they have almost certainly heard about this and didn't comment in the thread.
It wouldn't be hard to have an option to prevent processes with different owners from running on the same physical CPU at the same time. It wouldn't even affect the case that Linus mentioned. But cryptographers don't seem to think it's a plausible attack anyway, aside from carefully arranged conditions. The discussion was entirely over whether it would be less foolish to prevent it in the kernel or in userspace, and nobody seems to have argued that anything should be done at all.
The thing that Dvorak is missing is this it wasn't the Linux community that got O'Gara fired. It was primarily the other editorial staff and the advertizers. Dvorak seems to think that doing anything you can to get people to read your column is okay, even if it offends your publishers and your advertizers. He seems to miss that having your ad appear to go along with criminal conduct is not something that most people are willing to pay for. Nobody wants to put product placement in the Abu Gharib photos, even though they've been seen by many people.
Of course, he understands this himself, even if he doesn't base his article on it. He could get a lot more "veiled threats of lawsuits" to report about if he wanted by stealing mail from the Linux community or stalking people, but he's smart enough not to do it himself or report the details which would make him liable and his publisher uncomfortable.
So you're looking for a solution for automatically updating non-Microsoft software on Windows? I wouldn't be too surprised if it was impossible, and you're unlikely to get much good advise from Slashdot on the subject.
Except, perhaps, if you have a sufficiently fast network, you could possibly have everyone run the software in question off of a central fileserver, which you could then update easily by hand. Having just upgraded my Linux Firefox using tar accidentally ("I'll just untar this, then change my symlinks to point to the new version, then restart Firefox. Oops, all of the different versions have the same directory names in their tarballs. Hmm, Firefox crashes if you overwrite all its files. Oh well, the new version starts up fine..."), it seems like it's not necessary to run programs to upgrade if you can change what people run directly.
Cream soda spilled into a Model M will slow it down for a while. It'll be fine electrically, but the keys won't come back up unless you pull on them. After some time, the stickiness will wear away, and it'll be back to normal. They don't quite laugh at everything; there are some things they grumble about.
Actually, you wouldn't be substantially damaged by ultraviolet radiation in this simulation; it simulates lowering the speed of light, which means that radiation of a given wavelength has less energy by a factor of 22 million, assuming that it colors things based on wavelength, which is reasonable for most sources of colored light; although radiation from state transitions would have the same energy and frequency, so the sun would be mostly invisible (gamma-ray wavelength) and TV transmitters would glow visibly.
This is not the case (and it would be difficult for a security flaw of this sort to escape notice, because if there was some way of getting values out of the cache that aren't in your address space, it would happen all the time accidentally).
It turns out to be based on figuring out how much of your cache has been invalidated, which corresponds to how much memory the other process has used, which, for OpenSSL, is different depending on whether it used a multiply or a sqaure, which depends on bits in the private key it is using.
It is essentially similar to the power analysis attacks on smartcards, except with memory usage instead of power consumption.
This only affects a relatively odd combination of features, so it's probably not a big deal for actual users. On the other hand, it is a flaw in the standard to claim that you can get confidentiality without integrity, when, in fact, that means that your data can be replaced with a request to decrypt your earlier packets, and you'll do so. Of course, integrity would only be disabled in a specialized application (where you expect to be able to deal with mangled data), and IPSec is generally deployed in cases where a variety of applications will use the channel.
It's extremely difficult to design a cryptosystem with optional features, because the security of various techniques tends to depend on properties provided by other techniques, and it's difficult to determine, especially in a committee, whether these properties are provided for the proper function of the system or because the end user is likely to want them.
The odd thing about Jedi using light sabers is that they don't bother with blasters at all. Blasters are obviously more available, and they would be useful if you're fighting some non-Jedi at a distance in some direction you weren't planning to go.
The other odd thing is that it should be possible to disengage a block by turning your light saber off momentarily or shortening it. It also shouldn't matter how much momentum a light saber has when making a cut, so fights should look like fencing matches, where the main idea is to get in a flick to the wrist and cut off your opponent's sword hand. The Jedi's sword techniques just don't take into account the particular properties of their weapons.
The point of this center existing is to provide legal assistance to open source projects. They get donations to do so, both from individuals and from corporations who want open source projects they might use to not collapse under legal pressure.
This isn't really like an angel investment; it's more like a non-profit organization.
It used to be that there were a lot of games that were not terribly behind the technology curve and were at least somewhat educational. This field really needs to be revived.
I'd like to see an RTS game where you could tell units to follow programs you'd written ahead of time in Java. You could play it just like a regular RTS, but you'd get completely crushed by the players who'd taught their units to fight effectively without any player attention.
Similar stuff could be done with an FPS in which you could program robots and equipment built into levels. I bet you could induce panic attacks in practically everyone by making them debug their code with a time limit while simultaneously listening for approaching monsters.
I think you'd get a lot of the people who want to play games writing code if the games started out easy, with automating things an option, and progressed to totally impossible without substantial code, by way of areas that are difficult without some easy code.
The US has a much lower standard for statements. The UK version is a bit flaky, since it would mean that anyone found innocent of a crime had been slandered by the prosecution in the court records. A more reasonable standard would be probable cause, which is where the police are supposed to start making statements about you.
In any case, it's generally considered impractical to prove libel or slander in the US. In practice, things only get as far as lying sources getting discreditted outside of court, which generally means journalists losing their jobs.
You realized it at some point after the first book? I thought that only the first book was particularly obvious, and anyone who didn't pick up on the resurrection bit wasn't going to notice later.
I'd actually claim that native non-christians in british colonies get a christian upbringing; it's not about being christian, but about having a curriculum set by christians. Conversely, in much of the US, people are expected to be taught about christianity outside of school, and school is expected to be secular, so the literature chosen doesn't depend all that much on christian elements. And, of course, the christians often skip bible school, and, as a result, you probably know more about christianity than most american christians.