Yeah, but if you leave aside the 'paying the 12 year old to click the button' part, where is the flaw here? If Blizzard et al really want the EULA to be a contract, that implies that 12 year olds cannot, of their own accord, install their software, plain and simple.
Or is it simply that they want a right to have their EULA given force without regard to tort law?
Isn't this an old Unix thing? I know some of the early Unices only allowed 14 chars, but I know the old 'backslash spaces or use quotation marks to indicate filenames with spaces on the command line' thing has been around on Unix since at least the late 80's.
FAT itself was never patented. This patent was covering Microsoft's scheme for packing long filenames into the old FAT system in such a way that a short filename (microso~1.txt et al) is persistently perserved for old DOS apps.
Microsoft felt that their innovation of a particular data structure (the same kind of elementary data structure that sophomore CS majors put together all the time) ought to be sufficient to allow them to control who gets to read and write from flash media, and etc., which adopted the format simply because that was the only thing that Windows could be relied upon to understand.
The loss of this patent strikes no blows against the freedom to innovate, believe me.
Wow, quite the partisan, "one side fits all" view of reality, huh?
There were lots of irregularities in Florida, including an unconstitutional supreme court intercession in an area that the constitution specifically assigns to the states, and including the erroneous disqualification of 50,000 minority voters. Democrats attempting to get certain votes excluded, Republicans attempting to get others excluded, Democrats trying to get elderly Jewish voters for Buchanan reconsidered, Republicans (successfully) trying to get military votes that did not follow the statutory requirements for overseas voting accepted..
No they don't. Some bugs in OpenOffice are 2 or 3 years old and nobody is fixing them. The address book problem with Mozilla is there since 1.0 and nobody is fixing it. A quick look showed that KDE still has 7497 bugs, but they still prefer to add new shiny things. Do you want me to go on?
Hey, I reported a Java bug to Sun 7 years ago, it has hundreds of votes in their bug database, and it *still* hasn't been fixed. Large software projects entail a large number of bugs, that's just a fact of life. The question is, how rapidly is the software progressing generally? That's a factor not of open source vs. closed source, but of the number of people working on the problems, and the complexity of the code.
The number one rule with OSS should be : no new feature until all know bugs are fixed (alphas excluded of course). Can you name a single project with this philosophy?
OSS permits investigation, but no one is doing it because most OSS project have very little documentation. The result is most OSS project are extremely buggy.
Some people are doing it, obviously. The point of open source availability is that there are 6 billion people on the planet, all you need is one guy in Kazakhstan who sees a particular bug and writes a patch.
And it does happen, all the time. 6 billion people is a lot of people.
And even worst, since most people who "work" on OSS project do it as a hobby, they prefer to add new shiny things rather than fixing bugs.
Most OSS projects are not the big, name brand products like Mozilla, Open Office, Linux. Those projects get very rapid and thorough development, and bugs that are reported (particularly but not exclusively by a technical user/coder) get fixed with alacrity.
Lots of people do get paid to work on OSS, you know.
All of the sites I've seen discussing WPA vs. WPA2 make is seem like the big thing in WPA2 is the use of AES.. I would suspect that there is more to it than that, but WPA-PSK/AES is probably pretty close to 802.11i/WPA2. More to the point, I'd expect that any hardware capable of using WPA with AES could be firmware upgraded to full WPA2 if there are any lingering changes.
I believe the AES implementation they are using actually does encrypt the ethernet (MAC) address, unlike WEP. (See Tying It All Together in this article for corroboration of that.)
I'm just not into the passive-aggressive S&M ideals of forcing other people to do things that the GPL is founded upon.
Forcing people.. like forcing people to pay you to use your software? Why do you care about one forcing more than another?
I mean, come on.. everything in the world has a price, it's all a question of how that price is assesed and what it winds up costing you. GPLed software is cheap along many axis, but it has a cost and you are expected to pay it if you want to take advantage of it. BSD licensed software has its costs as well, in that anything you contribute under a BSD license may be used to compete against you asymmetrically. Some people are fine with that price, others aren't.
Claiming offense at the GPL's price in barter as if it were some peculiarly special burden seems odd, to me.
Or if you really want restrictive, under anyone's commercial EULA.
If the author wants to double-license XChat, that's great, he just needs to get consent from those people who wrote the software. Lots of products are dual-licensed under the GPL and other licenses.
They have a full right not to make their source code available. They don't have a right to distribute their code commingled with GPLed code to the degree that the code is non-functional without the GPL code, unless they distribute the whole under the terms of the GPL.
If the guy wanted to take a GPL'ed product, mix his own code with it, and use it privately, no problem. The GPL doesn't control use, just distribution.
Alternatively, the guy could get permission from all of the X-Chat authors to use their code under an alternative license.. but if those authors haven't consented to licensing terms other than the GPL, this guy doesn't have legal permission to distribute copies of the GPL'ed code under any other terms than the GPL.
It really angers me that anyone should get patents on such an obvious thing.. how in the world can the USPTO possibly pretend to know that no one in the world of software has ever done this before? Software differs from making airliner parts, in that anyone with a computer has all the pieces required to produce any piece of software they can think of. There have been probably millions of programs written over the last 50 years, and since software wasn't considered patentable during the vast majority of that time, there's an enormous corpus of prior art that should rightfully be extremely difficult to discount.
When the average cost of patent litigation is on the order of $3 million dollars, it's way too much to Microsoft's advantage (yes, even taking the Eolas patent into account) for the USPTO to allow any but the most extremely novel software patents to be granted.
Mmmm.. autotools is nice, but their complexity can be pretty seriously high, particularly for a project of very high complexity, or one that is not based around C or C++.
With Java, of course, I'd much rather see a nice Ant based build system.
Oooooh. Yes, that would seem to make it extraordinarily more difficult to craft a collision across both hashes, if indeed it is possible.
If MD5 and SHA-1 are strong, though, it should be about the same as if you used an SHA-1-like algorithm to generate a hash whose length was the sum of the MD5 and SHA-1 hash lengths, though, so you might just as well use SHA-256 or whatever.
I would think that stacking hashes like that would weaken protection, not increase it. If you just do a naive MD5 of the original input text, followed by a SHA-0 of the MD5 hash, you could break the verification by finding any plaintext whose MD5 matched the MD5 of the original input text.. but you don't have to. All you have to do is find a plaintext whose MD5 collides under SHA-0 with the original MD5 hash.
Since you can fake a match by either colliding in MD5 or in SHA-0, you've presumably weakened your hash relative to just using one or the other.
Yeah, but you can't do that between all versions of the Linux kernel.. see an NPTL kernel versus one without..
I take the point about statically bound apps and the complexity of supporting a custom glibc fork, but I'm sure there'll be provisios and limits on what versions of the Linux ABI are supported with this setup.
Mmmm.. but the vast majority of syscalls made on a Linux system are made by glibc. They'd have to tweak the syscall interface in glibc for Solaris, but an adapted glibc would still be one of the defining features for Linux API compatibility.
Slashdot Mirror
Hellooooo, satellite.
Over 99% of my MP3s come straight from rips of my own purchased CDs.
I've criticized points she's made in the comments section without getting deleted.
Yeah, but if you leave aside the 'paying the 12 year old to click the button' part, where is the flaw here? If Blizzard et al really want the EULA to be a contract, that implies that 12 year olds cannot, of their own accord, install their software, plain and simple.
Or is it simply that they want a right to have their EULA given force without regard to tort law?
Isn't this an old Unix thing? I know some of the early Unices only allowed 14 chars, but I know the old 'backslash spaces or use quotation marks to indicate filenames with spaces on the command line' thing has been around on Unix since at least the late 80's.
FAT itself was never patented. This patent was covering Microsoft's scheme for packing long filenames into the old FAT system in such a way that a short filename (microso~1.txt et al) is persistently perserved for old DOS apps.
Microsoft felt that their innovation of a particular data structure (the same kind of elementary data structure that sophomore CS majors put together all the time) ought to be sufficient to allow them to control who gets to read and write from flash media, and etc., which adopted the format simply because that was the only thing that Windows could be relied upon to understand.
The loss of this patent strikes no blows against the freedom to innovate, believe me.
A C# fan accusing Java of copying?
Excellent. Go Sun, Go!
Wow, quite the partisan, "one side fits all" view of reality, huh?
There were lots of irregularities in Florida, including an unconstitutional supreme court intercession in an area that the constitution specifically assigns to the states, and including the erroneous disqualification of 50,000 minority voters. Democrats attempting to get certain votes excluded, Republicans attempting to get others excluded, Democrats trying to get elderly Jewish voters for Buchanan reconsidered, Republicans (successfully) trying to get military votes that did not follow the statutory requirements for overseas voting accepted..
But it's simpler in your world, I guess.
That sounds good in theory, but in practice, lots of people with a clue run mail servers on Windows.
Why?It is an old article, yes. But it's still one of the most vivid discussions of antibiotic resistance in bacteria that I've read.
One of the very best things I've read on the topic of antibiotic-resistant bacteria:
Bruce Sterling: Bitter Resistance
No they don't. Some bugs in OpenOffice are 2 or 3 years old and nobody is fixing them. The address book problem with Mozilla is there since 1.0 and nobody is fixing it. A quick look showed that KDE still has 7497 bugs, but they still prefer to add new shiny things. Do you want me to go on?
Hey, I reported a Java bug to Sun 7 years ago, it has hundreds of votes in their bug database, and it *still* hasn't been fixed. Large software projects entail a large number of bugs, that's just a fact of life. The question is, how rapidly is the software progressing generally? That's a factor not of open source vs. closed source, but of the number of people working on the problems, and the complexity of the code.
The number one rule with OSS should be : no new feature until all know bugs are fixed (alphas excluded of course). Can you name a single project with this philosophy?
You mean like TeX?
There are very few projects, open or closed, that have that philosophy, I'm afraid.
OSS permits investigation, but no one is doing it because most OSS project have very little documentation. The result is most OSS project are extremely buggy.
Some people are doing it, obviously. The point of open source availability is that there are 6 billion people on the planet, all you need is one guy in Kazakhstan who sees a particular bug and writes a patch.
And it does happen, all the time. 6 billion people is a lot of people.
And even worst, since most people who "work" on OSS project do it as a hobby, they prefer to add new shiny things rather than fixing bugs.
Most OSS projects are not the big, name brand products like Mozilla, Open Office, Linux. Those projects get very rapid and thorough development, and bugs that are reported (particularly but not exclusively by a technical user/coder) get fixed with alacrity.
Lots of people do get paid to work on OSS, you know.
All of the sites I've seen discussing WPA vs. WPA2 make is seem like the big thing in WPA2 is the use of AES.. I would suspect that there is more to it than that, but WPA-PSK/AES is probably pretty close to 802.11i/WPA2. More to the point, I'd expect that any hardware capable of using WPA with AES could be firmware upgraded to full WPA2 if there are any lingering changes.
This is all a WAG, of course.
But I wouldn't want base 802.11 working with my AES-using base station, would I?
I believe the AES implementation they are using actually does encrypt the ethernet (MAC) address, unlike WEP. (See Tying It All Together in this article for corroboration of that.)
WPA2 with AES is the real deal.
I'm just not into the passive-aggressive S&M ideals of forcing other people to do things that the GPL is founded upon.
Forcing people.. like forcing people to pay you to use your software? Why do you care about one forcing more than another?
I mean, come on.. everything in the world has a price, it's all a question of how that price is assesed and what it winds up costing you. GPLed software is cheap along many axis, but it has a cost and you are expected to pay it if you want to take advantage of it. BSD licensed software has its costs as well, in that anything you contribute under a BSD license may be used to compete against you asymmetrically. Some people are fine with that price, others aren't.
Claiming offense at the GPL's price in barter as if it were some peculiarly special burden seems odd, to me.
Or if you really want restrictive, under anyone's commercial EULA.
If the author wants to double-license XChat, that's great, he just needs to get consent from those people who wrote the software. Lots of products are dual-licensed under the GPL and other licenses.
They have a full right not to make their source code available. They don't have a right to distribute their code commingled with GPLed code to the degree that the code is non-functional without the GPL code, unless they distribute the whole under the terms of the GPL.
If the guy wanted to take a GPL'ed product, mix his own code with it, and use it privately, no problem. The GPL doesn't control use, just distribution.
Alternatively, the guy could get permission from all of the X-Chat authors to use their code under an alternative license.. but if those authors haven't consented to licensing terms other than the GPL, this guy doesn't have legal permission to distribute copies of the GPL'ed code under any other terms than the GPL.
It really angers me that anyone should get patents on such an obvious thing.. how in the world can the USPTO possibly pretend to know that no one in the world of software has ever done this before? Software differs from making airliner parts, in that anyone with a computer has all the pieces required to produce any piece of software they can think of. There have been probably millions of programs written over the last 50 years, and since software wasn't considered patentable during the vast majority of that time, there's an enormous corpus of prior art that should rightfully be extremely difficult to discount.
When the average cost of patent litigation is on the order of $3 million dollars, it's way too much to Microsoft's advantage (yes, even taking the Eolas patent into account) for the USPTO to allow any but the most extremely novel software patents to be granted.
Gah!
Mmmm.. autotools is nice, but their complexity can be pretty seriously high, particularly for a project of very high complexity, or one that is not based around C or C++.
With Java, of course, I'd much rather see a nice Ant based build system.
Oooooh. Yes, that would seem to make it extraordinarily more difficult to craft a collision across both hashes, if indeed it is possible.
If MD5 and SHA-1 are strong, though, it should be about the same as if you used an SHA-1-like algorithm to generate a hash whose length was the sum of the MD5 and SHA-1 hash lengths, though, so you might just as well use SHA-256 or whatever.
Thanks for clarifying.
I would think that stacking hashes like that would weaken protection, not increase it. If you just do a naive MD5 of the original input text, followed by a SHA-0 of the MD5 hash, you could break the verification by finding any plaintext whose MD5 matched the MD5 of the original input text.. but you don't have to. All you have to do is find a plaintext whose MD5 collides under SHA-0 with the original MD5 hash.
Since you can fake a match by either colliding in MD5 or in SHA-0, you've presumably weakened your hash relative to just using one or the other.
Yeah, but you can't do that between all versions of the Linux kernel.. see an NPTL kernel versus one without..
I take the point about statically bound apps and the complexity of supporting a custom glibc fork, but I'm sure there'll be provisios and limits on what versions of the Linux ABI are supported with this setup.
Mmmm.. but the vast majority of syscalls made on a Linux system are made by glibc. They'd have to tweak the syscall interface in glibc for Solaris, but an adapted glibc would still be one of the defining features for Linux API compatibility.