But if preventing forks is important, GPL doesn't seem to stop it. So why not just use the Artistic License? Then the authors can some day make money out of a commercial fork if they need to pay the bills!"
The author of GPL code is not subject to GPL requirements, so I'm confused where you're going with this. If an author--like Alladin of Ghostscript--wishes to sell non-GPL licensed copies of his software, there's nothing preventing him, except the degree of code that hasn't had ownership signed over to him.
Small patches can be presumed to have ownership signed(though it really should be explictly stated), and large ones will end up getting a shared-ownership scenario, one way or another. But the GPL just doesn't do anything to stop commercial forks if the author needs to pay the bills!
Honestly, people genuinely don't realize how much work has gone into closing loopholes with the GPL. No matter how esoteric each clause seems, there really are good reasons for them to be there. The problem lies in the fact that overly simple licenses--of which I'm not necessarily saying the Artistic License is one of--have just as much potential for being Gotcha Source as the most complex, overwrought, and landmined license that you can find.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
With modular device drivers, generally speaking, who cares if it's open-source.
Linux Kernel Modules are modular in that they don't need to be preloaded, not in that they don't need to be compiled for a given machine.
There are all sorts of variations--SMP v. Single Processor, 1GB v. 2GB memory barrier, and the all important kernel revision that make closed source drivers a nightmare to keep working over time.
And the Linux-Kernel list doesn't care--and I somewhat agree.
Microsoft's response to broken drivers has been to blame them for most NT crashes, and *try* to have a certification program. The Linux-Kernel list has pretty much flat out stated that that's not acceptable. They want to do things right, therefore while the interfaces they expose to userlevel stuff will remain compatible, they reserve the right to break the kernel into little pieces if the rebuild ends up more efficient. The interesting thing is that this forces driver development to stay in sync with kernel development, preventing rot and being a definite contributor to system stability as a whole.
It's an interesting response, if you ask me.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
By opening their high bandwidth channel to multiple vendors (which is what AT&T seems to be doing), they are helping to assure this.
What do you mean? They're doing everything they can to *not* open their high bandwidth channels. That way, all the ISPs go out of business because they can't meet the demand for inexpensive but high speed net access, and AT&T becomes a single point of failure in the infamously rerouting internet.
IP communication freedom would be hijaacked at a remarkably ridiculous speed if we didn't have the vast quantity of ISPs we have today. The ability to go to another provider is *critical* to maintaining this freedom.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
I remember when I was growing up, there was a cartoon entitled "Visionaries". Now, like most shows in the early 80's, this was another Toy Advertising Vehicle, this one for stupid little dolls with holograms on their chest. But the show itself had a cool concept--all tech was destroyed, and everybody had to figure out how to survive.
I, a 10 year old techie at the time, was extraordinarily annoyed that anyone would presume all tech would just *disappear*. I didn't know about EMP yet. Necessity is the mother of horrific inventions, eh?;-)
So, here I am a decade later, and I'm reading about a book based on a similar concept as that old show. This time, I know what EMP is...and also know that, if applied on a global scale, repeatedly, at the bare minimum much of the marine population would be disoriented to extinction. Sharks, and many other marine species detect minute variations in the electrical field to find their prey. Intermittent massive pulses of energy would almost certainly blind them, causing some pretty nasty changes to the ecosystem.
OK, OK, the Greatwinter could be argued to make such minor extinctions irrelevant. But consider--anything that would indescriminately destroy electronics would cause *any* metal to spark--so you'd actually be looking at a pre-medeival society, no?
I'm actually liking these Slashdot book reviews alot. Makes me realize I need to go read more;-)
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Don't say you can index 800 million pages in three months when your database gives less results that Lycos circa 1996.
Hyperbole is rife in the computer world in general, and it's one of the genuine strengths of the Open Source community that we're very results oriented--Apache gets *results*. Samba *works*, and actually *does* knock NT out of the park in terms of flexibility and feature sets. And so on.
There are exceptions, granted, but we don't stretch our credibility to the breaking point nearly as much as stock-price-manipu^H^H^H^H^H^Hmaximizing corporations practically have to.
My problem with Juggernaut is that, while their technology might be awesome, their online index *isn't*. When you don't even get enough hits back to compare whether the hits are delivered in an optimum order, you know there's a problem. That, combined with the fact that the site looks decidedly 1996'ish(sorry, I know there's a webmaster out there who doesn't like me right now), tarnishes the otherwise excellent announcement that we now ostensibly(pending testing) have an extremely high quantity and quality search engine system, not to mention the birth of a new business model--the internal search engine of external content.
Honestly, I must admit there's something to be said about companies purchasing internal versions of large search engines, just so no outside source can watch the unencrypted stream of queries coming from a given company to deduce what projects they're working on.
The Juggernaut guys may be on to something, but I'm still a Google addict.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
An interesting article--suprisingly well thought out, particularly on the part of the doubting inventors. I particularly like the quote, "This is like justifying road accidents because they provide hospital beds." I'm going to end up using that quite a bit.
Alot of the sins that people are about to complain about aren't really ascribable to this automated system--yes, you can track many more people, but the bottom line is that if you accept surveilance at all--video, armed guard, or whatnot--everything from doing cartwheels to loitering with some friends is being monitored.
But as long as a human's watching, it's not truly annoying anyone.
Therein lies the rub. The real problem with these systems is that the "George's"(dumb+cheap security guards, think Half-Life) of the world won't be happy being interrupted by false positives. No matter how tuned these systems get, there will always be perfectly innocuous activities that will trigger the alarms. There will end up being innocuous classes of behavior which cannot be trained *out* of the system, since to do so would be to cause the system to miss too many postive events.
A security shift supervisor can tell a rookie to not bug him about some stupid kid smoking a cigarette instead of catching the bus, but these guy's system will be forced to blare every time someone lights up.
Suddenly, all the human ugliness of sexism, racism, and agism comes into play, and entire swaths of society will be deemed worthwhile to forcibly teach not to trigger the dumb(by human standards) sensor arrays. Suddenly, the limits of the technology drive the law, first unwritten, then made official.
Don't flirt in a certain manner--it causes the sensors to think you're a rapist. Don't laugh too loud while raising your hands--the sensors might think you have a gun. Don't miss your train too many times, or you'll no longer be welcome at the station.
I actually find this tragic--this is a very cool technology that has uses all over the place, from security analysis to environmental monitoring. I think these are the first inventors I've seen who have a grasp on just where their technology might go, and immediately express hope that society as a whole will grapple with what they've done. Is this the model of technological ethics? Honest scientists creating what they can, hoping not that all will be right but that the good will outweigh the misuse, and the abuse will be suppressed by legal means?
Interesting to think about. After reading about the gait analysis technology, perhaps good posture will once again be mandatory...
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Despite warning signs, AT&T executives had been hopeful AOL would cooperate, especially given the online leader's recent push for so-called open access to cable networks.
It took nearly everything I had to not break out in a fit of laughter upon reading this. AOL is desperate to get direct access to *some* form of high speed gateway, to the point where they dumped a couple hundred million into *satellite* technology(DirectPC, to be specific. Great for rural areas, but rather horrific to scale--and one way, too).
So here you have AOL, banging on the doors, trying to get the law (very very justifiably!) twisted so that, gee whiz, there can actually *be* ISPs that don't own the direct lines of communication.
Meanwhile, at the very same time, Microsoft is banging on their door, trying to be an IMSP(Internet Messaging Service Provider) that doesn't own all of the direct communication servers.
The communications architectures are publically supported(guess whose land all that fiber's going over!), while the Instant Messanging systems *aren't*, but those are just *details*. On one hand, AOL wants open access to AT&T's property, and on the other, AOL wants closed access when it's their own damn network!
Oh, what a brilliant gambit on the part of AT&T, calling them on an apparent contradiction! I honestly would not be surprised if the only reason AT&T ever partnered with Tribal Voice in the first place was because they realized AOL Just Couldn't Win Both Battles--and either way, their "enemy" would be weakened by either loss.
AOL's counter should be interesting. I know some of the guys at AOL--hell, one of 'em is probably the single smartest networking guy I've ever met. We're talking about a company that, in response to Microsoft's attempts at circumventing their network security, consistently and repeatedly exploited security holes in Microsoft's AIM client, and likely threatened to announce exploits for their client unless Microsoft caved in. (They did.)
AOL is bound to have a truly fascinating response to all this. I, for one, am going to be watching, popcorn in hand.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Am I the only one who gets the impression that company names of the late 90's are going to be remembered in the same light as bell bottoms and platform shoes?
Of course, this coming from a guy who calls himself Effugas and runs a website named DoxPara Research...Look mah! Mid-Name Capitalization, the Almighty X, and *Gasp* RESEARCH!
;-)
Yours Truly,
Dan Kaminsky DoxPara Research http:///www.doxpara.com
"It's probably something to do with..." I look up today's excuse ".. clock speed"
I'm feeling very uncomfortable here. I mean...I've grown up worshipping the BOFH...and now...what doth my eyes detect, but...
A Bastard Chief Executive Operator From Hell?
You know, some strange part of me wants to see this as a complement.
The odds that Mr. Schmidt purchased something from such a fly by night operation that the credit card number was embedded in the cookie so low, that it stretches the imagination beyond repair to consider the idea that that same operation would ever have the technical desire or even knowledge to use Novell's new DigitalMe software!
Of course, he could have just been tricked by a *real* BOFH... "GEEK! HOW DID MY CREDIT CARD NUMBER GET TAKEN!" "Mmmm. Cookie." "I knew those things were trouble!" "Mmm. Oreo. Chips Ahoy. Yum."
Seriously, there's a gigantic amount of irony embedded in Novell proposing that their DigitalMe system would improve consumer privacy. Consider: Most sites that require state don't require your identity, pretty much because it takes time to get somebody to reveal who they are, and attention spans are small. Look how much traffic The New York Times loses from people too lazy to even lie on a form--MTV may have done more for consumer privacy than any other company in history.
Novell's DigitalMe changes that. Assuming the infrastructure is such that any site that wants to do trustable-state transactions(which is really what Schmidt and Novell is trying to sell) actually has enough DigitalMe access to not have to worry about Yet Another Single Point of Failure, DigitalMe lets the user disclose every piece of information the user could possibly expose in the click of a "OK, tell 'em whatever they want to know."
Heh, Novell--Suddenly everyone's finding out a hell of alot more about you!
And the worst part? Unlike that paltry $50 liability had, you'll never know what people are doing with your personal information. I find it interesting that in a place that espouses freedom and individuality so much, people don't own their identities.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
There's no problem of "memory" when you go from your front door to your mailbox and back...that is, there's no reason to think the universe has trouble "remembering" the door is there, or the mailbox is there.
Problem: You just created an entirely deterministic universe. Everything that was(at least) or will ever be(at most) has already been predetermined in your picture of things.
Welcome to the land of PseudoEntropy, where particles appear to follow undefined patterns but in fact are all going according to plan?
A particle with intrinsic randomness can act without memory. A particle without intrinsic randomness has absolute memory, since all effects are determinable...but guess which one physics (and Heisenberg, who is abused on an daily basis) prefers.;-)
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
People like to think of going back in time, mainly because of the psychologically tragic reality of 20/20 hindsight.
The problem is the complexity a backwards traversable universe creates.
For example, if one can travel back to 1950, that implies that, somewhere, somehow embedded in either the fabric of the unvierse or in the structure of subatomic particles is the exact memory of where and when everything and everyone was. Perhaps an infinitely growing thread(imagine a pencil leaving a trail as it moves over a paper...of course, some small chunk of the pencil is removed with each motion), or perhaps some kind of structural memory, but somewhere, the State Of What Was has to be preserved.
Sounds rather deterministic, in a universe that seems to have blurriness built into its very design.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
So God writes a document full of encoded criminal plans, without handing over the keys. Now, that makes God a criminal right?
Everything makes much more sense now; such strangeness, here in a rather protestant nation with a distaste for catholicism which spawned from the country that created a new religion so its king could get a divorce...
Makes ya proud to be a Jew;-)
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
I'm beginning to wonder about the proliferation of licenses in a slightly new light:
What if it's not merely a problem to have new licenses pop up that are more complex, more restrictive, more Gotcha-Source(where users presume rights that some small clause shoved into five words restrict) than the standard, rather simple to generally understand but well defined and heavily thought out GPL, LGPL, and BSD licenses?
What if it's a significant worry to have licenses that aren't complex enough?
After all, we talk alot about the benefits of Open Source turning the copyright system inside out upon itself, protecting situations where others restrict further usage of code beyond what the original authors ever intended. I like the Novell License for its simplicity and its lack of Gotchas for the user, but I have to wonder if there's not some small aspect of a ticking time bomb for Novell built into it?
There's a reason for every single clause in the GPL. The arguments are publically available and quite searchable. (Is there an annotated GPL out there, incidentally?) Novell's license isn't nearly as extensive, which could create a situation where *cough* a certain devious company sets up a front startup to Embrace and Extend Novell's code in a manner so as to make them anexample to the industry.
The GPL closes loopholes. It almost feels like the only reasons for this Novell license to exist are to leave them open.
There's a dark side to that. As far as I know, copyright law is set up such that one has no rights to the content beyond that which is explicitly granted. It is not inconcievable that Novell could be forced(or has individuals counting on being able to) to go to court to try to reclose a loophole that never should have been there in the first place, making a whole bunch of noise about the inadequacy of Open Source in the process.
It's a Media War, and all that.
Now, I doubt this is what Novell is up to. They've been doing some pretty cool stuff for Linux. (Windows 9x is another matter.) But they're going down a dangerous road.
I offer an alternative: Give us differential licenses! People like to refer to licenses using phrases like "GPL but you can't fork" or "BSD but you need to advertise in Playboy" or whatnot. If there's a pressing freedom or restriction that needs to be embedded in the license, ship the GPL with a patch. There will be some noise made, and your license should not include GPL in the name, but at leaast it would be simple to derive what specific changes you desired.
It's just not clear from the Novell license why, say, they didn't just go with BSD. And that's a problem.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Guilty until you prove you're innocent, no right to remain silent, no right to a jury trial, produce your encryption keys or go to jail... At least in the U.S. we have some time off while Congress takes a break.
Congress ain't asleep at the wheel. Brilliant law coming out that lets the government claim that an encrypted message says anything they want it to, and they have no requirement to disclose how they decoded that message. Their decoding becomes presumptive fact.
Steganography isn't the cure for this; quite the opposite! Under this legal system, you could provide all the keys you've ever touched in your life, you'd be unable to prove that the government didn't actually find incriminating evidence hidden under an alternate passphrase channel.
The general idea being bandied around both legal systems is to insert as much nervousness as possible, taking advantage of people's natural laziness and trustfulness to make them avoid encryption technologies. Then, anyone who isn't lazy and trustful can be selected and monitored--go check out the NSA drowning with info story. Imagine cracking a SSH session only to find some teen chat!
The big stick on both sides is as follows: "You try to hide your messages from us, and we'll manipulate the legal system to give us unlimited power to ruin your life and the lives of those you love."
But I must be fair. Power abhors a vacuum. Data Mining is quickly building comprehensive profiles of many more people much more efficiently than any CoIntelPro could have hoped, but the knowledge is not going into any organization with a mandate to the people.
I have to wonder. Which to prefer? A constitution? Or a stock certificate?
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
The biggest joke in the entire Go v. GoTo war is that Disney probably could have gotten away with a small font change, a more pronounced traffic signal, and a black-with-white-outline backdrop instead of the yellow that GoTo used.
The reality is that Disney figured, heh, we're Disney and they're just some little company using Inktomi's database to sell a few banners. Screw 'em.
That they refused to budge--at all--probably created a more vicious response from the judge than they might have already gotten.
Incidentally, choosing logos and naming companies isn't entirely that simple. Back when I was still convention hopping(sigh why am I not at Comdex right now?) Infospace, the software company, was quite royally peeved at Infospace, everybody's favorite personal and business info search engine.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
10% "I patented the obvious" jokes 70% "Oh, isn't this exactly like this technical solution deployed years ago on this platform using this technology for that purpose"...
Slashdot is probably one of the most effective places for prior art discovery ever found. The general rule is, if Slashdot sees your patent, nobody is going to respect you in the morning.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Breaking Lotus might have been Just Gravy, but more likely was an accidental result to a proactive security fix.
I was reading about the SP6 fix earlier, and am desperately trying to remember which other application was having the same problems Lotus was but have so far failed. Essentially, Microsoft had been granting all user level applications raw socket access of some type--"raw ports" was the term being used. Likely, they discovered there was some security issues exploitable via this method.
Unfortunately, people were using this system for legitimate purposes, which caused a good chunk of programming to crash and burn all over.
We probably shouldn't be too harsh on MS for SP6--after all, how painful was the libc5->glibc upgrade effort? How many times did StarOffice mysteriously stop working?
That being said, it's extraordinarily likely that, with Microsoft's enormous test labs, they found that Lotus Notes broke with the new service pack, and intentionally neglected to inform Lotus that they'd need to put out a fix.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
(My question is in boldface, at the end of this post. You may ignore my observations if you like.)
Ever since the Finding of Fact was released, I've been thinking about this one scene from a story I read a couple years ago. The lead vampire, strongest and most vicious creature in the land, is finally defeated when the hordes of zombies he created are turned against him. He easily fights off the first few, but they keep coming, wave after wave, a nick here, a scratch there, until he is finally torn asunder.
Take one incredibly deep pocketed corporation. Add in thousands of unprofitable Internet companies, all with venture capitalists screaming for some way to get their money back. Now toss in a tremendous number of lawyers, each desperate to feed at the Trough of Infinite Wealth, and you have a potential legal evisceration of one of the country's most powerful companies.
I may be a Linux supporter, but I try to be consistent. Abuse and overuse of the legal system genuinely isn't all that productive, and is often used to replace that oft-repeated concept of "Innovation". (Witness Unisys's exploitation of GIF without a single byte of optimized GIF generation code coming out of them, and other entirely corrupt abuses of the USPTO.)
I want to see something done to check the abuses of Microsoft, but I don't want to see the company converted into a liquidation sale for hungry lawyers and startups that (sadly) didn't have much of a working business plan in the first place. Thus my question:
Is it a) Legally possible and b) Remotely conceivable that Microsoft and the U.S. Government will come to a settlement that will insulate Microsoft from any and all lawsuits based upon their abuses over the last ten years?
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Americans go to jail for having sex before 18. And you talk about freeedom. My ass.
No, Americans go to jail for being well over the age of 18 and having sex with someone well under the age of 18, usually around 15 or 16.
There's a very conscious effort in American society to segregate Underclass High Schoolers, Upperclass High Schoolers, College Kids, and New Workers--thus, driving ages, smoking ages, and drinking ages. But most of the effort is directed towards social constraints, which are amazingly effective in this image based society.
There are some arguably strange legal occurances, to be sure--if I remember right, California Penal Code 620.9 is written such that two 16 year olds having sex could both go to jail. However, it's never enforced in that manner, most likely due to privacy violations and judges losing respect for DA's.
Incidentally, a good friend of mine was getting molested in one form or another by her next door neighbor since the age of 13--after five years of it, lets just say she's not exactly where she should be in terms of sexual knowledge. Trust me--you don't want old guys going after really young chicks--it genuinely does fuck things up.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Something just doesn't sit right between BSAFE and I.
Ever since RSA insisted that PGP not use its independantly developed implementations of public key technology, and rather switch to the RSA codebase, I've been unable to trust BSAFE.
After all--we know the design justifications behind everything in the original version of PGP, and the various algorithms contained with SSLeay. I can't imagine how I could ever have the same kind of faith in a company whose very existence is dependant upon the agencies whose primary agenda is to stifle the spread of encryption technologies.
Protocols are proved by unique implementations--just ask NASA, which has multiple unique implementations of all critical systems, so a major bug in one doesn't cause the primary mission to fail. That RSA Inc. specifically tries to suppress unique implementations tells me that any software based on their code is unproved.
That's my opinion, and I'm sticking to it.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
It's somewhat strange talking about Linux "becoming" international--we're talking about an OS with core kernel developers both coming from and living in almost every corner of the globe. (Mysteriously, although a Pengiun is our mascot, we have no Antarctic representation.;-)
However, I still wonder if there will be a time when Linux development will be so decentralized that consensus on a development language could become difficult to achieve.
No, not C, C++, Java, Basic, Etc. I mean English.
After all, while English is rather standard as a second language throughout most of the world(for better or worse--damn picky language!), and the kernel is *now* written in the language(variable names, comments, keywords, etc.), the high density of immense programming talent in countries such as India and China that do not primarily speak English could create an altogether new kind of code fork.
Is code obfuscated if it's rewritten in an unfamiliar, maybe even two-byte language?
What if I so obfuscate some GPL code? Do I have the legal obligation to release a non-obfuscated(read: translated) version?
I actually honestly doubt anything onerous would come between the Tower of Babel.h and the GPL. But I could see some confusion sooner or later--I've gone through more than my fair share of code written in french, and it ain't too fun;-)
Other stuff:
Only Stallman Could Go To China. (After ESR's well-intentioned but rather brutal slapdown of China's ethical policies, one actually has to pause and notice the irony--RMS The Diplomat, ESR the Firebrand?!)
as American people don't necessarily think in the same way with their governments, Chinese people also enjoy this freedom. Please update your vision of China from the horrible "10 Red Years", on which we have also introspected with great regret and overcome it more open-minded since the reformation brought by Mr. Xiaoping Deng.
An interesting way to look at things. However, Americans are pretty used to hearing stories about people getting jailed for being in the kind of small, powerless political parties that Americans have a long history of mocking without mercy for being ineffectual and unprofessional.
The thought of people going to jail we prefer to laugh at is rather alien to Americans;-)
Of course, your point is extremely well taken--You Are Not Your Government. It's stupid thinking like that which gets civilians killed in wars for no other reason but that they obviously support The Enemy. (Then again, it's relatively easy for citizens to unify under their government in times like, say, when an embassy or a federal building gets bombed.)
Keep us posted--political issues aside, I'm extremely interested in those small, university level projects to add genuinely new and cool stuff to Linux.
Thanks for the update!
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
The worse the patents get, the better the odds of software patents being thrown out en masse.
Consider: Government powers explicitly derive from Constitutional assignment. Clause 8 of Article 1 grants the following:
Clause 8. The Congress shall have Power To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries.
Promote, eh?
The patent office has expressed gross incompetence in its assignment of software patents--indeed, it may not be possible, due to the rapidly iterative nature of software development, to correctly apply standard patent methodologies to software. (As I've argued before though, lots of unwarranted patents make for a rich Patent Office and very rich Patent Attorneys! So I don't particularly believe the overworked and underclued patent examiners are being overworked or underclued accidentally.)
For whatever reason Software Patents are completely failing their Constitutional mandate, there is widespread consensus that the United States Patent and Trademark Office has long since wasted away any shred of legitimacy when it comes to the realm of software patents.
Without a legitimate claim to the constitutional powers they derive their right to regulate from, all their powers dissipate, and the software patents already assigned become null and void.
Comments? I have more to say, but I'd like to hear what you think about this.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Slashdot Mirror
But if preventing forks is important, GPL doesn't seem to stop it. So why not just use the Artistic License? Then the authors can some day make money out of a commercial fork if they need to pay the bills!"
The author of GPL code is not subject to GPL requirements, so I'm confused where you're going with this. If an author--like Alladin of Ghostscript--wishes to sell non-GPL licensed copies of his software, there's nothing preventing him, except the degree of code that hasn't had ownership signed over to him.
Small patches can be presumed to have ownership signed(though it really should be explictly stated), and large ones will end up getting a shared-ownership scenario, one way or another. But the GPL just doesn't do anything to stop commercial forks if the author needs to pay the bills!
Honestly, people genuinely don't realize how much work has gone into closing loopholes with the GPL. No matter how esoteric each clause seems, there really are good reasons for them to be there. The problem lies in the fact that overly simple licenses--of which I'm not necessarily saying the Artistic License is one of--have just as much potential for being Gotcha Source as the most complex, overwrought, and landmined license that you can find.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
With modular device drivers, generally speaking, who cares if it's open-source.
Linux Kernel Modules are modular in that they don't need to be preloaded, not in that they don't need to be compiled for a given machine.
There are all sorts of variations--SMP v. Single Processor, 1GB v. 2GB memory barrier, and the all important kernel revision that make closed source drivers a nightmare to keep working over time.
And the Linux-Kernel list doesn't care--and I somewhat agree.
Microsoft's response to broken drivers has been to blame them for most NT crashes, and *try* to have a certification program. The Linux-Kernel list has pretty much flat out stated that that's not acceptable. They want to do things right, therefore while the interfaces they expose to userlevel stuff will remain compatible, they reserve the right to break the kernel into little pieces if the rebuild ends up more efficient. The interesting thing is that this forces driver development to stay in sync with kernel development, preventing rot and being a definite contributor to system stability as a whole.
It's an interesting response, if you ask me.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
By opening their high bandwidth channel to multiple vendors (which is what AT&T seems to be doing), they are helping to assure this.
What do you mean? They're doing everything they can to *not* open their high bandwidth channels. That way, all the ISPs go out of business because they can't meet the demand for inexpensive but high speed net access, and AT&T becomes a single point of failure in the infamously rerouting internet.
IP communication freedom would be hijaacked at a remarkably ridiculous speed if we didn't have the vast quantity of ISPs we have today. The ability to go to another provider is *critical* to maintaining this freedom.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
I remember when I was growing up, there was a cartoon entitled "Visionaries". Now, like most shows in the early 80's, this was another Toy Advertising Vehicle, this one for stupid little dolls with holograms on their chest. But the show itself had a cool concept--all tech was destroyed, and everybody had to figure out how to survive.
;-)
;-)
I, a 10 year old techie at the time, was extraordinarily annoyed that anyone would presume all tech would just *disappear*. I didn't know about EMP yet. Necessity is the mother of horrific inventions, eh?
So, here I am a decade later, and I'm reading about a book based on a similar concept as that old show. This time, I know what EMP is...and also know that, if applied on a global scale, repeatedly, at the bare minimum much of the marine population would be disoriented to extinction. Sharks, and many other marine species detect minute variations in the electrical field to find their prey. Intermittent massive pulses of energy would almost certainly blind them, causing some pretty nasty changes to the ecosystem.
OK, OK, the Greatwinter could be argued to make such minor extinctions irrelevant. But consider--anything that would indescriminately destroy electronics would cause *any* metal to spark--so you'd actually be looking at a pre-medeival society, no?
I'm actually liking these Slashdot book reviews alot. Makes me realize I need to go read more
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
For the love of god, LAUNCH RIGHT!
Don't say you can index 800 million pages in three months when your database gives less results that Lycos circa 1996.
Hyperbole is rife in the computer world in general, and it's one of the genuine strengths of the Open Source community that we're very results oriented--Apache gets *results*. Samba *works*, and actually *does* knock NT out of the park in terms of flexibility and feature sets. And so on.
There are exceptions, granted, but we don't stretch our credibility to the breaking point nearly as much as stock-price-manipu^H^H^H^H^H^Hmaximizing corporations practically have to.
My problem with Juggernaut is that, while their technology might be awesome, their online index *isn't*. When you don't even get enough hits back to compare whether the hits are delivered in an optimum order, you know there's a problem. That, combined with the fact that the site looks decidedly 1996'ish(sorry, I know there's a webmaster out there who doesn't like me right now), tarnishes the otherwise excellent announcement that we now ostensibly(pending testing) have an extremely high quantity and quality search engine system, not to mention the birth of a new business model--the internal search engine of external content.
Honestly, I must admit there's something to be said about companies purchasing internal versions of large search engines, just so no outside source can watch the unencrypted stream of queries coming from a given company to deduce what projects they're working on.
The Juggernaut guys may be on to something, but I'm still a Google addict.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
An interesting article--suprisingly well thought out, particularly on the part of the doubting inventors. I particularly like the quote, "This is like justifying road accidents because they provide hospital beds." I'm going to end up using that quite a bit.
Alot of the sins that people are about to complain about aren't really ascribable to this automated system--yes, you can track many more people, but the bottom line is that if you accept surveilance at all--video, armed guard, or whatnot--everything from doing cartwheels to loitering with some friends is being monitored.
But as long as a human's watching, it's not truly annoying anyone.
Therein lies the rub. The real problem with these systems is that the "George's"(dumb+cheap security guards, think Half-Life) of the world won't be happy being interrupted by false positives. No matter how tuned these systems get, there will always be perfectly innocuous activities that will trigger the alarms. There will end up being innocuous classes of behavior which cannot be trained *out* of the system, since to do so would be to cause the system to miss too many postive events.
A security shift supervisor can tell a rookie to not bug him about some stupid kid smoking a cigarette instead of catching the bus, but these guy's system will be forced to blare every time someone lights up.
Suddenly, all the human ugliness of sexism, racism, and agism comes into play, and entire swaths of society will be deemed worthwhile to forcibly teach not to trigger the dumb(by human standards) sensor arrays. Suddenly, the limits of the technology drive the law, first unwritten, then made official.
Don't flirt in a certain manner--it causes the sensors to think you're a rapist. Don't laugh too loud while raising your hands--the sensors might think you have a gun. Don't miss your train too many times, or you'll no longer be welcome at the station.
I actually find this tragic--this is a very cool technology that has uses all over the place, from security analysis to environmental monitoring. I think these are the first inventors I've seen who have a grasp on just where their technology might go, and immediately express hope that society as a whole will grapple with what they've done. Is this the model of technological ethics? Honest scientists creating what they can, hoping not that all will be right but that the good will outweigh the misuse, and the abuse will be suppressed by legal means?
Interesting to think about. After reading about the gait analysis technology, perhaps good posture will once again be mandatory...
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
From the recently posted C|Net article about AT&T being blocked by AOL:
Despite warning signs, AT&T executives had been hopeful AOL would cooperate, especially given the online leader's recent push for so-called open access to cable networks.
It took nearly everything I had to not break out in a fit of laughter upon reading this. AOL is desperate to get direct access to *some* form of high speed gateway, to the point where they dumped a couple hundred million into *satellite* technology(DirectPC, to be specific. Great for rural areas, but rather horrific to scale--and one way, too).
So here you have AOL, banging on the doors, trying to get the law (very very justifiably!) twisted so that, gee whiz, there can actually *be* ISPs that don't own the direct lines of communication.
Meanwhile, at the very same time, Microsoft is banging on their door, trying to be an IMSP(Internet Messaging Service Provider) that doesn't own all of the direct communication servers.
The communications architectures are publically supported(guess whose land all that fiber's going over!), while the Instant Messanging systems *aren't*, but those are just *details*. On one hand, AOL wants open access to AT&T's property, and on the other, AOL wants closed access when it's their own damn network!
Oh, what a brilliant gambit on the part of AT&T, calling them on an apparent contradiction! I honestly would not be surprised if the only reason AT&T ever partnered with Tribal Voice in the first place was because they realized AOL Just Couldn't Win Both Battles--and either way, their "enemy" would be weakened by either loss.
AOL's counter should be interesting. I know some of the guys at AOL--hell, one of 'em is probably the single smartest networking guy I've ever met. We're talking about a company that, in response to Microsoft's attempts at circumventing their network security, consistently and repeatedly exploited security holes in Microsoft's AIM client, and likely threatened to announce exploits for their client unless Microsoft caved in. (They did.)
AOL is bound to have a truly fascinating response to all this. I, for one, am going to be watching, popcorn in hand.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Am I the only one who gets the impression that company names of the late 90's are going to be remembered in the same light as bell bottoms and platform shoes?
Of course, this coming from a guy who calls himself Effugas and runs a website named DoxPara Research...Look mah! Mid-Name Capitalization, the Almighty X, and *Gasp* RESEARCH!
;-)
Yours Truly,
Dan Kaminsky
DoxPara Research
http:///www.doxpara.com
A user rings
"Do you know why the system is slow?" they ask
"It's probably something to do with..." I look up today's excuse ".. clock speed"
I'm feeling very uncomfortable here. I mean...I've grown up worshipping the BOFH...and now...what doth my eyes detect, but...
A Bastard Chief Executive Operator From Hell?
You know, some strange part of me wants to see this as a complement.
The odds that Mr. Schmidt purchased something from such a fly by night operation that the credit card number was embedded in the cookie so low, that it stretches the imagination beyond repair to consider the idea that that same operation would ever have the technical desire or even knowledge to use Novell's new DigitalMe software!
Of course, he could have just been tricked by a *real* BOFH... "GEEK! HOW DID MY CREDIT CARD NUMBER GET TAKEN!" "Mmmm. Cookie." "I knew those things were trouble!" "Mmm. Oreo. Chips Ahoy. Yum."
Seriously, there's a gigantic amount of irony embedded in Novell proposing that their DigitalMe system would improve consumer privacy. Consider: Most sites that require state don't require your identity, pretty much because it takes time to get somebody to reveal who they are, and attention spans are small. Look how much traffic The New York Times loses from people too lazy to even lie on a form--MTV may have done more for consumer privacy than any other company in history.
Novell's DigitalMe changes that. Assuming the infrastructure is such that any site that wants to do trustable-state transactions(which is really what Schmidt and Novell is trying to sell) actually has enough DigitalMe access to not have to worry about Yet Another Single Point of Failure, DigitalMe lets the user disclose every piece of information the user could possibly expose in the click of a "OK, tell 'em whatever they want to know."
Heh, Novell--Suddenly everyone's finding out a hell of alot more about you!
And the worst part? Unlike that paltry $50 liability had, you'll never know what people are doing with your personal information. I find it interesting that in a place that espouses freedom and individuality so much, people don't own their identities.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
There's no problem of "memory" when you go from your front door to your mailbox and back...that is, there's no reason to think the universe has trouble "remembering" the door is there, or the mailbox is there.
;-)
Problem: You just created an entirely deterministic universe. Everything that was(at least) or will ever be(at most) has already been predetermined in your picture of things.
Welcome to the land of PseudoEntropy, where particles appear to follow undefined patterns but in fact are all going according to plan?
A particle with intrinsic randomness can act without memory. A particle without intrinsic randomness has absolute memory, since all effects are determinable...but guess which one physics (and Heisenberg, who is abused on an daily basis) prefers.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
People like to think of going back in time, mainly because of the psychologically tragic reality of 20/20 hindsight.
The problem is the complexity a backwards traversable universe creates.
For example, if one can travel back to 1950, that implies that, somewhere, somehow embedded in either the fabric of the unvierse or in the structure of subatomic particles is the exact memory of where and when everything and everyone was. Perhaps an infinitely growing thread(imagine a pencil leaving a trail as it moves over a paper...of course, some small chunk of the pencil is removed with each motion), or perhaps some kind of structural memory, but somewhere, the State Of What Was has to be preserved.
Sounds rather deterministic, in a universe that seems to have blurriness built into its very design.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
So God writes a document full of encoded criminal plans, without handing over the keys.
;-)
Now, that makes God a criminal right?
Everything makes much more sense now; such strangeness, here in a rather protestant nation with a distaste for catholicism which spawned from the country that created a new religion so its king could get a divorce...
Makes ya proud to be a Jew
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
I'm beginning to wonder about the proliferation of licenses in a slightly new light:
What if it's not merely a problem to have new licenses pop up that are more complex, more restrictive, more Gotcha-Source(where users presume rights that some small clause shoved into five words restrict) than the standard, rather simple to generally understand but well defined and heavily thought out GPL, LGPL, and BSD licenses?
What if it's a significant worry to have licenses that aren't complex enough?
After all, we talk alot about the benefits of Open Source turning the copyright system inside out upon itself, protecting situations where others restrict further usage of code beyond what the original authors ever intended. I like the Novell License for its simplicity and its lack of Gotchas for the user, but I have to wonder if there's not some small aspect of a ticking time bomb for Novell built into it?
There's a reason for every single clause in the GPL. The arguments are publically available and quite searchable. (Is there an annotated GPL out there, incidentally?) Novell's license isn't nearly as extensive, which could create a situation where *cough* a certain devious company sets up a front startup to Embrace and Extend Novell's code in a manner so as to make them anexample to the industry.
The GPL closes loopholes. It almost feels like the only reasons for this Novell license to exist are to leave them open.
There's a dark side to that. As far as I know, copyright law is set up such that one has no rights to the content beyond that which is explicitly granted. It is not inconcievable that Novell could be forced(or has individuals counting on being able to) to go to court to try to reclose a loophole that never should have been there in the first place, making a whole bunch of noise about the inadequacy of Open Source in the process.
It's a Media War, and all that.
Now, I doubt this is what Novell is up to. They've been doing some pretty cool stuff for Linux. (Windows 9x is another matter.) But they're going down a dangerous road.
I offer an alternative: Give us differential licenses! People like to refer to licenses using phrases like "GPL but you can't fork" or "BSD but you need to advertise in Playboy" or whatnot. If there's a pressing freedom or restriction that needs to be embedded in the license, ship the GPL with a patch. There will be some noise made, and your license should not include GPL in the name, but at leaast it would be simple to derive what specific changes you desired.
It's just not clear from the Novell license why, say, they didn't just go with BSD. And that's a problem.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Guilty until you prove you're innocent, no right to remain silent, no right to a jury trial, produce your encryption keys or go to jail... At least in the U.S. we have some time off while Congress takes a break.
Congress ain't asleep at the wheel. Brilliant law coming out that lets the government claim that an encrypted message says anything they want it to, and they have no requirement to disclose how they decoded that message. Their decoding becomes presumptive fact.
Steganography isn't the cure for this; quite the opposite! Under this legal system, you could provide all the keys you've ever touched in your life, you'd be unable to prove that the government didn't actually find incriminating evidence hidden under an alternate passphrase channel.
The general idea being bandied around both legal systems is to insert as much nervousness as possible, taking advantage of people's natural laziness and trustfulness to make them avoid encryption technologies. Then, anyone who isn't lazy and trustful can be selected and monitored--go check out the NSA drowning with info story. Imagine cracking a SSH session only to find some teen chat!
The big stick on both sides is as follows: "You try to hide your messages from us, and we'll manipulate the legal system to give us unlimited power to ruin your life and the lives of those you love."
But I must be fair. Power abhors a vacuum. Data Mining is quickly building comprehensive profiles of many more people much more efficiently than any CoIntelPro could have hoped, but the knowledge is not going into any organization with a mandate to the people.
I have to wonder. Which to prefer? A constitution? Or a stock certificate?
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Re: ICMP File System:
I WANT TO SPEAK TO YOUR FRIEND.
This sounds like an utterly awesome toy to play with. I'd email you, but your address isn't listed.
Contact me.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
The biggest joke in the entire Go v. GoTo war is that Disney probably could have gotten away with a small font change, a more pronounced traffic signal, and a black-with-white-outline backdrop instead of the yellow that GoTo used.
The reality is that Disney figured, heh, we're Disney and they're just some little company using Inktomi's database to sell a few banners. Screw 'em.
That they refused to budge--at all--probably created a more vicious response from the judge than they might have already gotten.
Incidentally, choosing logos and naming companies isn't entirely that simple. Back when I was still convention hopping(sigh why am I not at Comdex right now?) Infospace, the software company, was quite royally peeved at Infospace, everybody's favorite personal and business info search engine.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Ahem. Typical Slashdot Discussion:
10% "I patented the obvious" jokes
70% "Oh, isn't this exactly like this technical solution deployed years ago on this platform using this technology for that purpose"...
Slashdot is probably one of the most effective places for prior art discovery ever found. The general rule is, if Slashdot sees your patent, nobody is going to respect you in the morning.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Breaking Lotus might have been Just Gravy, but more likely was an accidental result to a proactive security fix.
I was reading about the SP6 fix earlier, and am desperately trying to remember which other application was having the same problems Lotus was but have so far failed. Essentially, Microsoft had been granting all user level applications raw socket access of some type--"raw ports" was the term being used. Likely, they discovered there was some security issues exploitable via this method.
Unfortunately, people were using this system for legitimate purposes, which caused a good chunk of programming to crash and burn all over.
We probably shouldn't be too harsh on MS for SP6--after all, how painful was the libc5->glibc upgrade effort? How many times did StarOffice mysteriously stop working?
That being said, it's extraordinarily likely that, with Microsoft's enormous test labs, they found that Lotus Notes broke with the new service pack, and intentionally neglected to inform Lotus that they'd need to put out a fix.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
(My question is in boldface, at the end of this post. You may ignore my observations if you like.)
Ever since the Finding of Fact was released, I've been thinking about this one scene from a story I read a couple years ago. The lead vampire, strongest and most vicious creature in the land, is finally defeated when the hordes of zombies he created are turned against him. He easily fights off the first few, but they keep coming, wave after wave, a nick here, a scratch there, until he is finally torn asunder.
Take one incredibly deep pocketed corporation. Add in thousands of unprofitable Internet companies, all with venture capitalists screaming for some way to get their money back. Now toss in a tremendous number of lawyers, each desperate to feed at the Trough of Infinite Wealth, and you have a potential legal evisceration of one of the country's most powerful companies.
I may be a Linux supporter, but I try to be consistent. Abuse and overuse of the legal system genuinely isn't all that productive, and is often used to replace that oft-repeated concept of "Innovation". (Witness Unisys's exploitation of GIF without a single byte of optimized GIF generation code coming out of them, and other entirely corrupt abuses of the USPTO.)
I want to see something done to check the abuses of Microsoft, but I don't want to see the company converted into a liquidation sale for hungry lawyers and startups that (sadly) didn't have much of a working business plan in the first place. Thus my question:
Is it a) Legally possible and b) Remotely conceivable that Microsoft and the U.S. Government will come to a settlement that will insulate Microsoft from any and all lawsuits based upon their abuses over the last ten years?
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Americans go to jail for having sex before 18. And you talk about freeedom. My ass.
No, Americans go to jail for being well over the age of 18 and having sex with someone well under the age of 18, usually around 15 or 16.
There's a very conscious effort in American society to segregate Underclass High Schoolers, Upperclass High Schoolers, College Kids, and New Workers--thus, driving ages, smoking ages, and drinking ages. But most of the effort is directed towards social constraints, which are amazingly effective in this image based society.
There are some arguably strange legal occurances, to be sure--if I remember right, California Penal Code 620.9 is written such that two 16 year olds having sex could both go to jail. However, it's never enforced in that manner, most likely due to privacy violations and judges losing respect for DA's.
Incidentally, a good friend of mine was getting molested in one form or another by her next door neighbor since the age of 13--after five years of it, lets just say she's not exactly where she should be in terms of sexual knowledge. Trust me--you don't want old guys going after really young chicks--it genuinely does fuck things up.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
RMS was at Tsinghua University in China to speak about free software in October.
;-)
Cool. Wonder if he made any interesting Han Solo award comments
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Something just doesn't sit right between BSAFE and I.
Ever since RSA insisted that PGP not use its independantly developed implementations of public key technology, and rather switch to the RSA codebase, I've been unable to trust BSAFE.
After all--we know the design justifications behind everything in the original version of PGP, and the various algorithms contained with SSLeay. I can't imagine how I could ever have the same kind of faith in a company whose very existence is dependant upon the agencies whose primary agenda is to stifle the spread of encryption technologies.
Protocols are proved by unique implementations--just ask NASA, which has multiple unique implementations of all critical systems, so a major bug in one doesn't cause the primary mission to fail. That RSA Inc. specifically tries to suppress unique implementations tells me that any software based on their code is unproved.
That's my opinion, and I'm sticking to it.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
It's somewhat strange talking about Linux "becoming" international--we're talking about an OS with core kernel developers both coming from and living in almost every corner of the globe. (Mysteriously, although a Pengiun is our mascot, we have no Antarctic representation. ;-)
;-)
;-)
However, I still wonder if there will be a time when Linux development will be so decentralized that consensus on a development language could become difficult to achieve.
No, not C, C++, Java, Basic, Etc. I mean English.
After all, while English is rather standard as a second language throughout most of the world(for better or worse--damn picky language!), and the kernel is *now* written in the language(variable names, comments, keywords, etc.), the high density of immense programming talent in countries such as India and China that do not primarily speak English could create an altogether new kind of code fork.
Is code obfuscated if it's rewritten in an unfamiliar, maybe even two-byte language?
What if I so obfuscate some GPL code? Do I have the legal obligation to release a non-obfuscated(read: translated) version?
I actually honestly doubt anything onerous would come between the Tower of Babel.h and the GPL. But I could see some confusion sooner or later--I've gone through more than my fair share of code written in french, and it ain't too fun
Other stuff:
Only Stallman Could Go To China. (After ESR's well-intentioned but rather brutal slapdown of China's ethical policies, one actually has to pause and notice the irony--RMS The Diplomat, ESR the Firebrand?!)
as American people don't necessarily think in the same way with their governments, Chinese people also enjoy this freedom. Please update your vision of China from the horrible "10 Red Years", on which we have also introspected with great regret and overcome it more open-minded since the reformation brought by Mr. Xiaoping Deng.
An interesting way to look at things. However, Americans are pretty used to hearing stories about people getting jailed for being in the kind of small, powerless political parties that Americans have a long history of mocking without mercy for being ineffectual and unprofessional.
The thought of people going to jail we prefer to laugh at is rather alien to Americans
Of course, your point is extremely well taken--You Are Not Your Government. It's stupid thinking like that which gets civilians killed in wars for no other reason but that they obviously support The Enemy. (Then again, it's relatively easy for citizens to unify under their government in times like, say, when an embassy or a federal building gets bombed.)
Keep us posted--political issues aside, I'm extremely interested in those small, university level projects to add genuinely new and cool stuff to Linux.
Thanks for the update!
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
The worse the patents get, the better the odds of software patents being thrown out en masse.
Consider: Government powers explicitly derive from Constitutional assignment. Clause 8 of Article 1 grants the following:
Clause 8. The Congress shall have Power To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries.
Promote, eh?
The patent office has expressed gross incompetence in its assignment of software patents--indeed, it may not be possible, due to the rapidly iterative nature of software development, to correctly apply standard patent methodologies to software. (As I've argued before though, lots of unwarranted patents make for a rich Patent Office and very rich Patent Attorneys! So I don't particularly believe the overworked and underclued patent examiners are being overworked or underclued accidentally.)
For whatever reason Software Patents are completely failing their Constitutional mandate, there is widespread consensus that the United States Patent and Trademark Office has long since wasted away any shred of legitimacy when it comes to the realm of software patents.
Without a legitimate claim to the constitutional powers they derive their right to regulate from, all their powers dissipate, and the software patents already assigned become null and void.
Comments? I have more to say, but I'd like to hear what you think about this.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
they're competitors
s/they're/their .
Dan hangs his head in shame, and walks away...
--Dan