But I'm in the trenches. Thousands of people depend on these servers. Do you really think I'm going to compile something like openssl, on which all the TLS stuff for LDAP, Apache's HTTPS, SSH, and stunnel all depend?
Why? Do you not know how to do it? Listen, the original post in this thread was complaining that Fedora had not yet released the package updates. If your distribution has released the patches, hurray for you. For those people whose distribution hasn't released the patches yet however, what are they supposed to do? Sit around and wait for the box to be compromised or compile from source?
Stolen customer information, Lawsuits, Countless hours spent rebuilding boxes due to hacker. Which would you choose?
Well I suppose that the answer is no considering that the CERT Advisory, OpenSSL site, Other numerous sites say "This can lead to a DoS attack" and don't mention anything else. RTFA.
No way... Data would kick Warfs ass.. In fact, there are only two or so episodes that Warf actually defeats *anyone*. He always gets the crap kicked out of him... If he was still on the Klingon homeworld he'd be a nursemaid or something..
Yeah, fine, I freely admit that I don't have a girlfriend:P
heh.. at least I got a good laugh from reading your reply. I think I'd check with your law school advisor to double check that you truly only have one year left.. It looks to me like you have a lot more studying to do ahead of you.
A case like this is equivalent to downloading a copyrighted song (mp3). Going after the people who download solves nothing at all; only going after those who share it will.
I agree that it won't solve anything, still doesn't change the legality of it.
Flat out: Downloading and looking at source code is not harmful. Sorry, but if you think otherwise, you are wrong. We have seen simliar cases in the past, such as the DeCSS case against Jon Johansen.
You do realize that the case law generated by the Jon Johansen case doesn't even come close to the ball bark of the stolen MS code right? Xing didn't encrypt the decryption key in their source code hence when the end users paid for the software, they were able to see it.. They paid for the software in which the key was basicly given out. Nobody hacked in to one of their servers and stole/posted the code... Now, if you download a copy of the 2000 source code and you own 2000? I dunno if that's illegal but I do promise you that at least 1/4 of the copies that're being downloaded are by people that don't have a valid 2000 or NT4 license.
Since you are feeling pretty stupid right about now (and surely anyone reading this response to you is laughing as well), I'll give you some advice for future posting: Please don't attempt to make an informative post when you're in actuality not even REMOTELY educated about the topic at hand, in this case, copyright law. I'm sure you'd like to feel smarter than you actually are, but son, just sit down and shut up.
Yeah, I'll do that.. Enjoy another 4 years in law school (or when you fail out, eternity in McDonalds) you trolling asshat.
Holy christ boy.... You are so off base here it's not even funny...
1. If you download it just to look at it, IT IS ILLEGAL. "Uhhh officer, those playboys I stole from that magazine stand, that isn't illegal, I was just gonna look at them for educational purposes".. give me a break. By downloading that code you are in fact taking possesion of something that isn't yours and was never meant to be yours.
2. The poster of the IE exploit will probably receive the warning letter like the rest of the downloaders. By your logic, I should be able to walk up to your car when you leave it in a parking lot, open the door and light the interior on fire so long as I tell you that "Man, you should keep your doors locked.. But this isn't illegal because I'm educating you on car security".
You're obviously not a lawyer and even more obviously, not a very bright person.
This response is too funny.. I work in maine where it's about -10 right now and I sit directly under an air conditioning vent that blows out cold air. My co-worker was nice enuogh to give me a small space heater and just like your incident, blew all the power on my floor.
Who modded this as a troll? The poster is correct... This code is a] not unique b] probably already copyrighted somewhere else by someone else. This whole ask slashdot question is stupid... This is like me stating that I've developed a C++ algorithm that exits the program
All work is copyrighted automaticlly apon completion IF you can prove that you were the first person to develop/create it (IE: print the source code, painting, etc and send it via certified mail to yourself or your lawyer). Of course, this method is STILL a pain in the ass to prove and you're right with the fact that he should get a formal copyright.
Slashdot Mirror
... And you get a 403 forbidden error
You can't feed your kids with principle!
:(
Yeah, I tried.. They all starved to death
Sound impossible?
No, Just stupid.
Remember, A-B-B-A-up will let you kick-flip your lava board; B-B-A-B-down-up does a stalefish grab.
Jerk. B-B-A-B makes you fall off and die! The stalefish grab is B-A-A-B
My ice coffee just shot out of my nose all over the fucking monitor... great comment :)
I bet people would be more interested in your comment if you posted it in the comments section of the article located directly above this one.
But I'm in the trenches. Thousands of people depend on these servers. Do you really think I'm going to compile something like openssl, on which all the TLS stuff for LDAP, Apache's HTTPS, SSH, and stunnel all depend?
Why? Do you not know how to do it? Listen, the original post in this thread was complaining that Fedora had not yet released the package updates. If your distribution has released the patches, hurray for you. For those people whose distribution hasn't released the patches yet however, what are they supposed to do? Sit around and wait for the box to be compromised or compile from source?
Stolen customer information, Lawsuits, Countless hours spent rebuilding boxes due to hacker. Which would you choose?
wget http://www.openssl.org/source/openssl-0.9.7d.tar.g z
Decompress/configure/make/make install
If you can't compile source code then you shouldn't be a sysadmin.
One of the problems is that a remote attacker could cause an infinite loop which would hang the parent process so yes, this could be a problem.
Well I suppose that the answer is no considering that the CERT Advisory, OpenSSL site, Other numerous sites say "This can lead to a DoS attack" and don't mention anything else. RTFA.
No way... Data would kick Warfs ass.. In fact, there are only two or so episodes that Warf actually defeats *anyone*. He always gets the crap kicked out of him... If he was still on the Klingon homeworld he'd be a nursemaid or something..
:P
Yeah, fine, I freely admit that I don't have a girlfriend
didnt = didn't
reckognized = recognized
mne = me
Im = I'm
andd = and
gfod = god
Damn... I sure as hell hope you're not a programmer at your job. If so, I'd love to see some of your code
#!/usr/been/purl
opin(INFILE,"/etc/paswd") || die("Fil naught fownd");
Sorry about making fun of you, please don't bring your dad to my house.
Owned.
heh.. at least I got a good laugh from reading your reply. I think I'd check with your law school advisor to double check that you truly only have one year left.. It looks to me like you have a lot more studying to do ahead of you.
A case like this is equivalent to downloading a copyrighted song (mp3). Going after the people who download solves nothing at all; only going after those who share it will.
I agree that it won't solve anything, still doesn't change the legality of it.
Flat out: Downloading and looking at source code is not harmful. Sorry, but if you think otherwise, you are wrong. We have seen simliar cases in the past, such as the DeCSS case against Jon Johansen.
You do realize that the case law generated by the Jon Johansen case doesn't even come close to the ball bark of the stolen MS code right? Xing didn't encrypt the decryption key in their source code hence when the end users paid for the software, they were able to see it.. They paid for the software in which the key was basicly given out. Nobody hacked in to one of their servers and stole/posted the code... Now, if you download a copy of the 2000 source code and you own 2000? I dunno if that's illegal but I do promise you that at least 1/4 of the copies that're being downloaded are by people that don't have a valid 2000 or NT4 license.
Since you are feeling pretty stupid right about now (and surely anyone reading this response to you is laughing as well), I'll give you some advice for future posting: Please don't attempt to make an informative post when you're in actuality not even REMOTELY educated about the topic at hand, in this case, copyright law. I'm sure you'd like to feel smarter than you actually are, but son, just sit down and shut up.
Yeah, I'll do that.. Enjoy another 4 years in law school (or when you fail out, eternity in McDonalds) you trolling asshat.
Holy christ boy.... You are so off base here it's not even funny...
1. If you download it just to look at it, IT IS ILLEGAL. "Uhhh officer, those playboys I stole from that magazine stand, that isn't illegal, I was just gonna look at them for educational purposes".. give me a break. By downloading that code you are in fact taking possesion of something that isn't yours and was never meant to be yours.
2. The poster of the IE exploit will probably receive the warning letter like the rest of the downloaders. By your logic, I should be able to walk up to your car when you leave it in a parking lot, open the door and light the interior on fire so long as I tell you that "Man, you should keep your doors locked.. But this isn't illegal because I'm educating you on car security".
You're obviously not a lawyer and even more obviously, not a very bright person.
And don't forget whitespace. Best coding language ever!
This response is too funny.. I work in maine where it's about -10 right now and I sit directly under an air conditioning vent that blows out cold air. My co-worker was nice enuogh to give me a small space heater and just like your incident, blew all the power on my floor.
Who modded this as a troll? The poster is correct... This code is a] not unique b] probably already copyrighted somewhere else by someone else. This whole ask slashdot question is stupid... This is like me stating that I've developed a C++ algorithm that exits the program
void main() {
exit(0);
}
Weee.. Look at me! I should be famous for this.
All work is copyrighted automaticlly apon completion IF you can prove that you were the first person to develop/create it (IE: print the source code, painting, etc and send it via certified mail to yourself or your lawyer). Of course, this method is STILL a pain in the ass to prove and you're right with the fact that he should get a formal copyright.
cp -R /home/stupid /mnt/floppy
apt-get makes people lazy. download and compile the source like a real man :P
This is Slashdot, not Dear Abbie. Go out and write your own damn client.
Matthew Broderick right? Did I get it right? HUH??
Try upgrading the the most recent version of OpenSSL
Why don't you simply download and compile the source? You aren't telling me you're a system administrator and can't compile source are you?