Yes, but they'll probably be changing that to 1-888-HO-LINUX, since that better conveys their view that Linux is a cheap, shameless hussy with no morals whatsoever that hooked "their" code.
I purposefully sidestepped the GPL legal issues because IANAL as well. There a few clauses that deal with the issue of restricted license code being released under the GPL, for instance #7 which essentially states if there is a license conflict you "may not distribute the Program at all". This is referring to the GPL'd version, so this is why SCO has had to stop distributing Linux, but does not have to stop selling its commercial product.
On the general subject of the GPL though, I hope no one is going to be dumb enough to get a judge to rule that SCO distributed it's IP under the GPL and therefore lost *any* of its rights to that IP. If that happens it's going to be hyped as a validation of all of Microsoft's FUD about the "viral nature" of the GPL and a bad day for open source code in general.
As you say, this is about alledged misappropriation of code and incorporation of that code into another product. The license of the receiving product, in this case the GPL, should be irrelevent in any legal proceedings. I don't see that this is any different from one closed source license package ripping of the code from another closed source package in that respect. If anything though, because the code is now, and always will be publically available (as opposed to being in the public domain) the potential for damages paid to SCO if successful in it's efforts will probably be greater, but hey, IANAL.
Re:GPL the best bet
on
OSI vs SCO
·
· Score: 5, Interesting
SCO did their own Linux and released it. Since they did it under GPL, the cat's out of the bag.
Nope. This is wrong, and keeps cropping up again and again here and elsewhere. *Caldera* did their own Linux and released it under the GPL. SCO (the original) produced and sold commercial UNIX under several names. Caldera then bought SCO (again the original) and it's IP, and still under the name Caldera helped to start the United Linux directive. Up until this point, under the leadership of Ransom Love, Caldera "got it".
It would then appear that Ransom Love left and the lawyers took control, which is the point where they "lost it". Caldera became the current SCO, and the dubious comments about UNIX vs Linux started to fly around. The comments then became more legally inclined, finally culminating in the suit against IBM.
I'd guess that SCO started to come up with the prospects of the lawsuits after Ransom Love's departure. As they built up their "evidence" (which has yet to be publically documented in a satisfactory manner), the comments grew in the level of vitriol and FUD content. Presumably this increase was as the lawyers became more confident they could pull off their intended plan. Whether that plan is simply to be bought out, or they actually believe they can successfully sue IBM is a matter for speculation. As far as I can tell, all we can say about SCO's current plan is that it seems to be:
Piss off pretty much the entire *NIX community with threat of lawsuit.
???
Profit!!!
What step 2. is, remains to be seen, and I really hope it doesn't lead to 3.
On an unrelated note, what I want to read at this point is a frank positional summary by Ransom Love who is becoming somewhat conspicuous by his "absense" through all this mess.
As you state in your linked page, CRSNIC is run by Verisign. The same Verisign that handed.org prior to PIR and agreed to a three month handoff period from the start of the year. That would make the cut off March 31st or April 1st depending on your sense of humour. Which, it should come as no suprise, was the date that CRSNIC also stopped providing WHOIS info for.org domains.
I also notice that the Register story has been removed from the frontpage, although the direct link is still available. I think we can safely file this under "Death of.org predicted. Film at eleven."
DOH! You'd need a IP stack at the HDD or another Ethernet to USB at the monitor... my brain's obviously not working after yesterday's late night. Still, instead of implementing Ethernet on the monitoring device using USB/Firewire would probably be a simpler solution.
Now I've thought it though a bit more, what I'm getting really confused about is this "remote solution to local interference" issue. You can run an Ethernet interface local to the monitor, but not a HDD? What about putting the HDD inside a lead lined Faraday cage sited locally? Or am I missing something (else) here?
Actually a waveguide is essentially a metal pipe - normally rectangular in cross section. The EM signal actually travels through the air *inside* the "pipe", and not through the metal casing, which just serves to guide the EM waves (hence waveguide). It's generally used for high frequency stuff in the multi-GHz spectrum where attenuation through transmission along a conductor copper becomes a problem.
Coax cable, is just that; a cable with two conductors at different axial radii.
OK, this is *completely* off the shelf; no soldering or anything (well, maybe a little for the power arrangement). All you need is a USB HDD and a USB to Ethernet adapter (about $20-$30). Put all this in an environment proof box with some batteries for powering the USB device, link the Ethernet with your monitoring kit and off you go!
Actually, since all my boxes have GNU Textutils (even the Windows ones) I'd have used "sort -u *", but since the poster may or may not even be using *NIX, I used the longhand command above more to get the concept across. For all we know, his preferred method of achieving this might me to load the two files into a text editor, copy one document to the clipboard and paste it into the other, then use the editor's inbuilt sort function to produce the required file. There are plenty of GUI only types who would *have* to do this, although that group probably wouldn't have chosen a Cisco IOS based product due to the CLI...;)
I was going to suggest the "hosts.txt" that comes with KaZaA Lite, which is also pretty extensive (and available seperately). Your best bet is probably to "cat * | sort | uniq" to get the combined list, but it's going to be pretty extensive...
What about a standard mini-tower form factor PC running your distro of choice? Get an integrated mobo with onboard NIC, onboard ATA RAID, add a 1394 card if you can't get onboard and you are done. You can mount the disks via NFS, Samba or whatever over the LAN or use the Ethernet-over-Firewire driver to use the 1394.
It just might be able to be tweaked to double as a mail or web server if needed as well...;)
As The Reg has already pointed out, the traffic cameras used for the administration of Central London traffic access dues they are are talking about do not have an appropriate license for surveillance. The upshot of this is that the pictures gathered by the cameras can only be used for the intended purpose of billing drivers who take their cars into Central London The Reg has stated. I take that to mean that even if there was a major incident photographed by one of the cameras it would not be admissable in court anyway.
So, we have a bunch of roads which are full of marching people instead of essentially stationary cars. What admin worth his pay check *isn't* going to seize the chance to take the system off line and perform any routine maintenance and upgrades that this allows. Plus of course, if there had been a serious incident, you could have simply refused any requests for pictures you can't provide with "sorry, the system was off" and avoid any potential legal/PR quagmire of having the data altogether.
Seriously, if the security forces in the UK wanted more up to date photos of the more militant members of the crowds, do you think they'd need to co-opt traffic cameras?
Antispam legislation is fine and could work brilliantly if it's done right. The problem is, as many people have noticed, the international scope of the Internet and the fact spammers take advantage of that prevents it working. So what you need to do is side step the issue of international cooperation by making the ISP liable for failure to take action against spammers on their network and have a government body responsible for the prosecution and any revenues generated go into goverment coffers.
The way I envisage this to work is that the Governments of countries pass legislation that basically states an ISP shall not knowingly host a spammer, and failure to evict spammers from your network in a realistic timeframe will result in prosecution. You then have a government body that collects spam complaints from anywhere on the planet (like uce@ftc.gov) and goes after the ISPs hosting spammers within its jurisdiction. If the state wins the case, then they get money into their coffers (hopefully offset against taxes) until ISPs get the message and cut off the spammers.
Sure, it's not perfect and will leave an "Axis of Evil" attitude toward the nations that didn't enact such legislation, with large scale black listing by some parties for encouragement, no doubt. It would also be nice if the spammee could extract money from the spammer directly of course, but face it, that's unlikely to happen. It seems to me that removing the support infrastructure is going to be the most effective short term solution at this point.
It's a pain, because you need to know in advance what you are trying to download, so I usually run the standard Update first to see what's available and then switch to the other site to grab 'em. The only other caveats are, it still requires ActiveX to be enabled for the download to work and who knows what information gets sent to Microsoft?
I've never had a single spam message from those places.
I've had a few, but in the main, you are correct in saying not much spam comes from aol.com. However, an awful lot of spam *claims* to come from aol.com, even when it actually originates in China, Korea, or some spamhaus in the USA/EU. For this reason refusing mail from aol.com and others may give exceedingly good results with low enough colateral damage to be bearable for some home mail server operators.
Nope. It's actually in RFC2821 section 4.5.1 - Minimum Implementation:
Any system that includes an SMTP server supporting mail relaying or delivery MUST support the reserved mailbox "postmaster" as a case-insensitive local name. This postmaster address is not strictly necessary if the server always returns 554 on connection opening (as
described in section 3.1). The requirement to accept mail for postmaster implies that RCPT commands which specify a mailbox for postmaster at any of the domains for which the SMTP server provides mail service, as well as the special case of "RCPT TO:" (with no domain specification), MUST be supported.
SMTP systems are expected to make every reasonable effort to accept mail directed to Postmaster from any other system on the Internet. In extreme cases --such as to contain a denial of service attack or other breach of
security-- an SMTP server may block mail directed to Postmaster. However, such arrangements SHOULD be narrowly tailored so as to avoid blocking messages which are not part of such attacks.
Note that there are no punitive measures are listed at all, in fact the worst that can happen for bending an RFC is that you will be named and shamed on a site like www.rfc-ignorant.org and maybe be blocked by some system admins. If you actually *break* the protocol on the otherhand, then things will probably get a little more ugly...;)
And what's age of design got to do with anything? Take the the B52 bomber, that first flew in 1955, twenty years before Concorde, and is expected to remain in service for perhaps another thirty years. That's an active service life of nearly seventy years! Sometimes you just hit on a design that gets almost everything so right the cost of replacing it just doesn't justify the benefits that would be gained.
is rated for mach 0.95. It is almost as fast as concorde
Concorde is capable of at least mach 2.2 and routinely cruises at that speed on trans-atlantic flights, I'd hardly call mach 0.95 "almost as fast" as mach 2.2. More significant to me is that "mass" commercial supersonic travel is coming to an end, albeit for now at least, unless the copied Russian version is still flying.
Still, at least the plane should find itself with a major entry in the history of aviation as the first supersonic passenger plane.
It really was just a matter of time, wasn't it? Microsoft has a serious performance issue with some systems, so obviously *everyone* running Windows XP-SP1 is going to want the patch, whether they are effected or not. So what do they do? They sit on the patch.
Result: What we have here; lists of links to "patches" cropping up everywhere, WaReZ sites, news sites, 3D and gaming sites, you name it. Now, how easy is it going to be for the kiddies to slip some trojans into the mix. Congratulations Microsoft; you quite likely just got a significant percentage of Windows XP systems rooted.
No arguments from me there, I'm in a mixed shop although we generally prefer Linux/Solaris, especially at the high end of server selection. If going the Microsoft route, Windows 2000 is by far and away the best version of Windows shipping for servers, and I'd have to go with XP for the desktop (with styles on or off).
As to the patching/flaws thing, my point was that some people only upgrade (and to an only slightly lesser extent, patch) their OS when they upgrade their hardware. That's certainly true for *nix as well, although I would expect to see a higher proportion of *nix users keeping on top of patches than Windows, purely because of the demographics of the userbases. Most *nix users have made an informed decision to go down that route, whereas many Windows users are using it purely because it's what the box came with from the vendor.
Then you are left to a choice, buy more software from Microsoft (so you can run securely), use OS software with respective VMs (and take the risk that all of your software won't work), or keep using your unsecure OS.
Yes, and judging by the number of Nimda and Code Red probes we're still seeing most of them go with option number #3, at least until replace their hardware and upgrade by default. Fortunately, a growing number of companies have seen the light and are in fact going with option #4: Say "screw that" to Microsoft and move to Linux and something like OpenOffice.
This sounds like something that you could probably arrange with your local computer user group(s). I know my local LUG members occasionally swap more than just info, but it's more adhoc printer for a scanner type stuff than an organized swap-shop. It shouldn't be too difficult to arrange for everyone to bring anything they don't want or need anymore to the next meet and have a group bartering session.
If you look at, or already use, Big Brother then *please* make sure you read the article on it in issue #60 of Phrack as well. Owing to the way the software is implemented, the thing can be a goldmine of information for hackers and it is *essential* that your BB box is properly secured.
That said, it does appear to be a capable, fully-featured package and I'd guess that as long as you take the proper precautions you should be OK. I can't comment on the stability though; the security concerns I had were enough to cause me to move along to the next product on my list.
A thought just occurred to me reading the Slashdot write-up for this. Inevitably when someone patents something stupid under the USPTO there is a comment about prior art in the Slashdot write-up, the tone of which seems to be "if someone has prior art, then the bad patent will go away", but is this *really* the case? Suppose I have the ultimate prior art on a bogus US patent but hadn't applied for a patent because I thought it was so obvious, could I produce the prior art, overturning the patent, then apply for a patent of my own and sue the ass off the original patent applicant for licensing fees, since they would now be infringing on *my* patent?
Slashdot Mirror
Yes, but they'll probably be changing that to 1-888-HO-LINUX, since that better conveys their view that Linux is a cheap, shameless hussy with no morals whatsoever that hooked "their" code.
On the general subject of the GPL though, I hope no one is going to be dumb enough to get a judge to rule that SCO distributed it's IP under the GPL and therefore lost *any* of its rights to that IP. If that happens it's going to be hyped as a validation of all of Microsoft's FUD about the "viral nature" of the GPL and a bad day for open source code in general.
As you say, this is about alledged misappropriation of code and incorporation of that code into another product. The license of the receiving product, in this case the GPL, should be irrelevent in any legal proceedings. I don't see that this is any different from one closed source license package ripping of the code from another closed source package in that respect. If anything though, because the code is now, and always will be publically available (as opposed to being in the public domain) the potential for damages paid to SCO if successful in it's efforts will probably be greater, but hey, IANAL.
Nope. This is wrong, and keeps cropping up again and again here and elsewhere. *Caldera* did their own Linux and released it under the GPL. SCO (the original) produced and sold commercial UNIX under several names. Caldera then bought SCO (again the original) and it's IP, and still under the name Caldera helped to start the United Linux directive. Up until this point, under the leadership of Ransom Love, Caldera "got it".
It would then appear that Ransom Love left and the lawyers took control, which is the point where they "lost it". Caldera became the current SCO, and the dubious comments about UNIX vs Linux started to fly around. The comments then became more legally inclined, finally culminating in the suit against IBM.
I'd guess that SCO started to come up with the prospects of the lawsuits after Ransom Love's departure. As they built up their "evidence" (which has yet to be publically documented in a satisfactory manner), the comments grew in the level of vitriol and FUD content. Presumably this increase was as the lawyers became more confident they could pull off their intended plan. Whether that plan is simply to be bought out, or they actually believe they can successfully sue IBM is a matter for speculation. As far as I can tell, all we can say about SCO's current plan is that it seems to be:
- Piss off pretty much the entire *NIX community with threat of lawsuit.
- ???
- Profit!!!
What step 2. is, remains to be seen, and I really hope it doesn't lead to 3.On an unrelated note, what I want to read at this point is a frank positional summary by Ransom Love who is becoming somewhat conspicuous by his "absense" through all this mess.
As you state in your linked page, CRSNIC is run by Verisign. The same Verisign that handed .org prior to PIR and agreed to a three month handoff period from the start of the year. That would make the cut off March 31st or April 1st depending on your sense of humour. Which, it should come as no suprise, was the date that CRSNIC also stopped providing WHOIS info for .org domains.
I also notice that the Register story has been removed from the frontpage, although the direct link is still available. I think we can safely file this under "Death of .org predicted. Film at eleven."
Now I've thought it though a bit more, what I'm getting really confused about is this "remote solution to local interference" issue. You can run an Ethernet interface local to the monitor, but not a HDD? What about putting the HDD inside a lead lined Faraday cage sited locally? Or am I missing something (else) here?
Actually a waveguide is essentially a metal pipe - normally rectangular in cross section. The EM signal actually travels through the air *inside* the "pipe", and not through the metal casing, which just serves to guide the EM waves (hence waveguide). It's generally used for high frequency stuff in the multi-GHz spectrum where attenuation through transmission along a conductor copper becomes a problem. Coax cable, is just that; a cable with two conductors at different axial radii.
OK, this is *completely* off the shelf; no soldering or anything (well, maybe a little for the power arrangement). All you need is a USB HDD and a USB to Ethernet adapter (about $20-$30). Put all this in an environment proof box with some batteries for powering the USB device, link the Ethernet with your monitoring kit and off you go!
Actually, since all my boxes have GNU Textutils (even the Windows ones) I'd have used "sort -u *", but since the poster may or may not even be using *NIX, I used the longhand command above more to get the concept across. For all we know, his preferred method of achieving this might me to load the two files into a text editor, copy one document to the clipboard and paste it into the other, then use the editor's inbuilt sort function to produce the required file. There are plenty of GUI only types who would *have* to do this, although that group probably wouldn't have chosen a Cisco IOS based product due to the CLI... ;)
I was going to suggest the "hosts.txt" that comes with KaZaA Lite, which is also pretty extensive (and available seperately). Your best bet is probably to "cat * | sort | uniq" to get the combined list, but it's going to be pretty extensive...
It just might be able to be tweaked to double as a mail or web server if needed as well... ;)
So, we have a bunch of roads which are full of marching people instead of essentially stationary cars. What admin worth his pay check *isn't* going to seize the chance to take the system off line and perform any routine maintenance and upgrades that this allows. Plus of course, if there had been a serious incident, you could have simply refused any requests for pictures you can't provide with "sorry, the system was off" and avoid any potential legal/PR quagmire of having the data altogether.
Seriously, if the security forces in the UK wanted more up to date photos of the more militant members of the crowds, do you think they'd need to co-opt traffic cameras?
Yeah, I thought that too. Right up until the point I lost my license for repeated double parking alongside fire hydrants... ;)
The way I envisage this to work is that the Governments of countries pass legislation that basically states an ISP shall not knowingly host a spammer, and failure to evict spammers from your network in a realistic timeframe will result in prosecution. You then have a government body that collects spam complaints from anywhere on the planet (like uce@ftc.gov) and goes after the ISPs hosting spammers within its jurisdiction. If the state wins the case, then they get money into their coffers (hopefully offset against taxes) until ISPs get the message and cut off the spammers.
Sure, it's not perfect and will leave an "Axis of Evil" attitude toward the nations that didn't enact such legislation, with large scale black listing by some parties for encouragement, no doubt. It would also be nice if the spammee could extract money from the spammer directly of course, but face it, that's unlikely to happen. It seems to me that removing the support infrastructure is going to be the most effective short term solution at this point.
They still do, kind off, as a function of the standard Windows Update site. For instance, Microsoft wants me to get my Windows XP Updates from the URL: http://v4.windowsupdate.microsoft.com/en/default.a sp. However, since I have a few machines running XP with no Internet access I get my patches instead from the URL http://v4.windowsupdate.microsoft.com/catalog/en/d efault.asp. Note the addition of the "catalog" in the URL!
It's a pain, because you need to know in advance what you are trying to download, so I usually run the standard Update first to see what's available and then switch to the other site to grab 'em. The only other caveats are, it still requires ActiveX to be enabled for the download to work and who knows what information gets sent to Microsoft?
I've had a few, but in the main, you are correct in saying not much spam comes from aol.com. However, an awful lot of spam *claims* to come from aol.com, even when it actually originates in China, Korea, or some spamhaus in the USA/EU. For this reason refusing mail from aol.com and others may give exceedingly good results with low enough colateral damage to be bearable for some home mail server operators.
And what's age of design got to do with anything? Take the the B52 bomber, that first flew in 1955, twenty years before Concorde, and is expected to remain in service for perhaps another thirty years. That's an active service life of nearly seventy years! Sometimes you just hit on a design that gets almost everything so right the cost of replacing it just doesn't justify the benefits that would be gained.
Concorde is capable of at least mach 2.2 and routinely cruises at that speed on trans-atlantic flights, I'd hardly call mach 0.95 "almost as fast" as mach 2.2. More significant to me is that "mass" commercial supersonic travel is coming to an end, albeit for now at least, unless the copied Russian version is still flying.
Still, at least the plane should find itself with a major entry in the history of aviation as the first supersonic passenger plane.
That rather depends on whether you are talking about the data file or the subject matter, doesn't it? ;)
Result: What we have here; lists of links to "patches" cropping up everywhere, WaReZ sites, news sites, 3D and gaming sites, you name it. Now, how easy is it going to be for the kiddies to slip some trojans into the mix. Congratulations Microsoft; you quite likely just got a significant percentage of Windows XP systems rooted.
As to the patching/flaws thing, my point was that some people only upgrade (and to an only slightly lesser extent, patch) their OS when they upgrade their hardware. That's certainly true for *nix as well, although I would expect to see a higher proportion of *nix users keeping on top of patches than Windows, purely because of the demographics of the userbases. Most *nix users have made an informed decision to go down that route, whereas many Windows users are using it purely because it's what the box came with from the vendor.
Yes, and judging by the number of Nimda and Code Red probes we're still seeing most of them go with option number #3, at least until replace their hardware and upgrade by default. Fortunately, a growing number of companies have seen the light and are in fact going with option #4: Say "screw that" to Microsoft and move to Linux and something like OpenOffice.
This sounds like something that you could probably arrange with your local computer user group(s). I know my local LUG members occasionally swap more than just info, but it's more adhoc printer for a scanner type stuff than an organized swap-shop. It shouldn't be too difficult to arrange for everyone to bring anything they don't want or need anymore to the next meet and have a group bartering session.
That said, it does appear to be a capable, fully-featured package and I'd guess that as long as you take the proper precautions you should be OK. I can't comment on the stability though; the security concerns I had were enough to cause me to move along to the next product on my list.
A thought just occurred to me reading the Slashdot write-up for this. Inevitably when someone patents something stupid under the USPTO there is a comment about prior art in the Slashdot write-up, the tone of which seems to be "if someone has prior art, then the bad patent will go away", but is this *really* the case? Suppose I have the ultimate prior art on a bogus US patent but hadn't applied for a patent because I thought it was so obvious, could I produce the prior art, overturning the patent, then apply for a patent of my own and sue the ass off the original patent applicant for licensing fees, since they would now be infringing on *my* patent?