Slashdot Mirror


User: David+Jao

David+Jao's activity in the archive.


Comments · 951

  1. Why AOL is (legally) in the right on Microsoft and AOL Fight Over Instant Messaging · · Score: 3
    If Microsoft's AIM-compatible client were simply using AOL's protocol to communicate between two machines outside of AOL's dominion, then AOL would have no recourse in the matter (except maybe to claim that MS illegally reverse engineered the AIM protocol--not likely).

    But that's not what Microsoft did. Microsoft created a client that interacts with AOL servers to communicate with AIM clients. On the internet, your computer is your castle. If you own a computer on the internet, you are allowed to accept or reject any connection for any reason. It may well be illegal for Microsoft to continue to distribute a client that interacts with AOL servers against AOL's explicit wishes.

    The AOL AIM client license agreement contains a clause permitting connections to AIM servers run by AOL. The MS client contains no such permission. Microsoft has no legal entitlement to distribute clients which interact with AOL servers.

    It's worth pointing out that the free Linux AIM and ICQ clients may also one day be illegal to use, if AOL makes it known that connections from these clients are not welcome.

    As for myself, I use IRC and Unix talk. Why rely on proprietary software using proprietary protocols connecting to proprietary machines under questionable legal foundations, when superior open solutions have long existed?

    Finally, I cannot help but resist noting that Microsoft is one of the worst offenders in the area of open/closed communications standards. The closed Microsoft Office file formats are the most formidable protection for their profits and monopoly. For Microsoft to complain about AOL's closed communications protocols is the height of hypocrisy.

  2. Two strengths for IE? You bet! on SAFE rewritten to be more law-enforcement friendly · · Score: 1

    Windows 98 and Internet Explorer, indeed, do ship in two flavors: 128-bit and 40-bit. The 128-bit strong encryption version is only for use in the US and Canada.

  3. You're right, and you're wrong on Ask Slashdot: Is the United States Postal Service Obsolete? · · Score: 1
    You're right that priority mail is not guaranteed. Most of the time priority mail gets there in 2-3 days, but you have no recourse if it doesn't.

    You're wrong about the envelopes. If you use a standard envelope, $3.20 will only ship 2 pounds of material by priority mail. But, if you pick up one of the flat rate envelopes from the post office, the postal service will ship anything you put in the envelopes regardless of weight, for $3.20 (provided of course it's not contraband, munitions, hazardous material, or anything else illegal).

    So, if you can fit a 20 pound gold brick in one of their priority mail envelopes, they will ship it to a US destination for $3.20, but it's not guaranteed to get there in 2-3 days.

  4. Their position is self contradictory on Reno Against Easing Crypto Export Laws · · Score: 2
    I'm surely not the only one here to notice that the FBI's position on encryption controls, like Microsoft's position on Linux, is self contradictory. Too bad I'm preaching to the choir here.

    On the one hand, the FBI asserts that terrorists are already using encryption to great effect to thwart investigators. On the other hand, the FBI maintains that easing current controls would increase terrorist use of encryption. But their own words belie the truth. Criminals and terrorists are already using technically unbreakable encryption. Legal controls on encryption will have absolutely no effect on the FBI's efforts to pursue criminals. The criminals will use encryption even if it is outlawed.

    The only logical conclusion to draw from the FBI statements is that the FBI wants restrictions on encryption, not because they want to spy on criminals, but because they want to spy on law abiding citizens. It is a truth that many in this community figured out a long time ago.

  5. Consider the weakest link, not the strongest link on We Lost the Privacy War · · Score: 2
    You should not automatically assume that cryptanalysis is the only, easiest, or best way to attack PGP encryption. As cryptographic software, PGP certainly has a flawless track record. However, the software is not the weakest link in the chain. Frequently, with PGP, user error is the weakest link in the chain.

    If you allow for Tempest scanners, physical attacks on your machine, attacks on any third party that might happen to have your key, and the all-too-typical easy passphrases that most people use, then it is not entirely incorrect to say that in many cases a PGP encrypted message can be cracked in a matter of hours by someone who really wants to.

  6. No local backups? Oops! on Packet Storm Security site closed down · · Score: 1
    While Harvard's behavior has been very poor, Ken should never have put himself in a position where the Harvard sysadmins controlled all copies of the site. These days, 3GB of CD-R media costs about $5. With these kinds of costs, there is no excuse for not having a physical copy of important data.

    I can only hope that the web site wasn't that important to him (yeah right), or that Ken is just pretending not to have any backups.

    People with important data ought to be a little more paranoid. Don't trust someone else to keep your data safe. Always have a copy on you.

  7. Some people make their own luck on Linux is Not Red Hat · · Score: 1
    Yes, of course, you're absolutely right, commercial support and peer user support are completely different things. Commercial support of proprietary software has to be much better than free support of free software, because with proprietary software I have no other choice except to rely on the company for support.

    I was reacting to the premise of the editorial more than the reality of the current situation. While Codewarrior does run on other distributions, it is entirely conceivable that at some future point, we will see proprietary software that runs on only one distribution. Such fragmentation is simply not possible with free software, because the users can modify software without any commercial support.

    Commercial support is a blessing. Proprietary software that needs commercial support in order to be useful is a curse. Whether or not to take one, or the other, both, or neither, is a complex decision involving many tradeoffs. However, I am convinced that fragmentation of Linux will lead to its death. So, for me, one point in favor of free software is that incompatible fragmentation is impossible. That's all.

  8. The problem is that Codewarrior isn't open source on Linux is Not Red Hat · · Score: 2
    One point that was made in the article, that a lot of people have missed, is that this kind of balkanization is impossible with Open Source projects like Apache, Perl, etc. If an open source program is advertised as "Only for RedHat Linux," that's not a problem at all, because anyone who wants can simply take the source code and adapt the program to run on Debian, Slackware, or whatever they want.

    Since RedHat is almost totally open source, and Codewarrior is not, I think the blame for this exclusionary packaging lies squarely on MetroWorks. Their claims of not being able to support 39 distributions inspire absolutely no confidence in me. There is no way in hell I would pay for a product that is so poorly supported that its open source competitors look good in comparison.

  9. The problem is volume, not content on "Usenet Death Penalty" against AOL · · Score: 5
    Somebody earlier above gave links to http://maps.vix.com/ and http://spam.abuse.net/. These links are highly recommended reading. One thing that anti-spam advocates stress over and over again is that spam is problematic because of its volume, not because of its content. In fact, it is precisely this content-agnosticism that distinguishes anti-spam efforts from censorship.

    The definition of e-mail spam is "unsolicited bulk email": that is to say, an email message is spam if, and only if, it is unsolicited and sent to a large number of recipients. Likewise, a message is usenet spam if, and only if, it is crossposted or multiposted heavily enough (cf. the Breidbart Index). In each case, the content of the message is totally irrelevant. Spam is characterized by the manner in which it is delivered, and not by the content contained in the message.

    The difference between anti-spam efforts and censorship efforts is that censorship by definition uses message content as the sole criterion for rejection, while spam fighters by definition use message delivery parameters as the sole criterion for rejection.
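
The Breidbart Index mentioned in the comment above, as an added example that is not part of the original comment: the index of an article is the sum, over every copy posted, of the square root of the number of newsgroups that copy was crossposted to. The threshold of 20, the fingerprint labels and the sample postings are assumptions constructed for illustration.

```python
from collections import defaultdict
from math import sqrt

# Assumption: 20 is used here as the cutoff above which an article counts as spam.
DEFAULT_THRESHOLD = 20.0


def breidbart_index(copies):
    """copies: one list of newsgroup names per posted copy of the same article.

    Crossposting one copy to n groups contributes sqrt(n); posting n separate
    copies contributes n. Multiposting is therefore weighted more heavily.
    """
    return sum(sqrt(len(set(groups))) for groups in copies)


def classify(postings, threshold=DEFAULT_THRESHOLD):
    """postings: iterable of (fingerprint, newsgroups) pairs.

    The fingerprint is only used to recognise copies of the same article.
    The verdict depends on how widely the article was delivered, never on
    what the article says.
    """
    copies_by_article = defaultdict(list)
    for fingerprint, newsgroups in postings:
        copies_by_article[fingerprint].append(newsgroups)

    verdicts = {}
    for fingerprint, copies in copies_by_article.items():
        bi = breidbart_index(copies)
        verdicts[fingerprint] = {"bi": bi, "spam": bi >= threshold}
    return verdicts


def groups(n):
    """Constructed helper: n made-up newsgroup names."""
    return [f"example.group.{i}" for i in range(n)]


# Constructed sample postings (not real Usenet traffic).
SAMPLE_POSTINGS = (
    # One copy crossposted to 9 groups: BI = sqrt(9) = 3.
    [("article-a", groups(9))]
    # 25 separate copies, one group each: BI = 25 * sqrt(1) = 25.
    + [("article-b", [f"example.group.{i}"]) for i in range(25)]
    # 5 copies, each crossposted to 16 groups: BI = 5 * sqrt(16) = 20.
    + [("article-c", groups(16)) for _ in range(5)]
    # 4 copies, each crossposted to 16 groups: BI = 16.
    + [("article-d", groups(16)) for _ in range(4)]
)

if __name__ == "__main__":
    for name, verdict in sorted(classify(SAMPLE_POSTINGS).items()):
        print(name, verdict)
```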

  10. Postscript on Microsoft Challenges Linux community · · Score: 1

    This little gem neatly refutes all your false claims about how NT has lower TCO than Linux. The truth is that low priced admins can indeed do both hard stuff and "monkey work" with Linux-based solutions, with ease.

  11. No need to compile? Yeah right! on Microsoft Challenges Linux community · · Score: 1
    My point is by making the source available it's entirely too easy to add back doors that would become very difficult to find

    You're assuming that no one checks the source code for such backdoors. In practice, open source code is checked a lot more thoroughly than closed source code, which by definition cannot be checked by anyone.

    For example, I am highly confident that the RedHat 6.0 CD has no trojans. If you find any, please let me know, and I will recant my trust!

    It's disingenuous of you to claim that, say, RedHat 6.0 is vulnerable to trojans while NT integrity can be enforced with signatures. Guess what? Integrity of RedHat 6.0 binaries can also be verified with file signatures! In fact md5 signatures are built in to RedHat. Just run "rpm -Va"

    Saying "how do i recompile my web server" is particularly uninsightful since you don't recompile web servers on NT. You add modules to gain new functionality.

    I don't see any relationship between modular functionality and whether or not I need to compile code. Apache on Linux supports dynamic modules too, including precompiled modules. The difference is that on Linux, I often write and compile my own modules. On Windows, you're asking me to use someone else's precompiled modules. Or at least, that must be what you're asking, since you claim I don't need to (re)compile web servers on NT.

    I write my own modules because it is literally the only way for me to enforce exactly the behavior I want out of my web server. Often this behavior is extremely complex and requires intricate use of the Apache API. To attack me for demanding the ability to compile programs is utterly rude. I need custom functionality, and I need to write code. Of course I need to compile.

    You're right, VNC or PC Anywhere would do the job. I would have much preferred if you simply pointed that out, instead of swearing up and down that I don't need to compile web server modules on NT (which is patently false).

    VNC and PC Anywhere still suffer from the "forced GUI integration" problem that was one of my original points. You say that "less skilled" people have an easier time doing routine tasks on NT's GUI. If that's the case, then I must not be a "less skilled" person, because I find it amazingly easier to compile software using gcc/telnet than MSVC/VNC. Especially when I'm stuck with a slow modem.

    I have no wish to get into a brawl over TCO, mostly because I have no hard data comparing the TCO of Linux and Windows (n.b. you haven't presented any hard data either). TCO is a long story and I am not at all convinced that Microsoft's bullet point is right. Suffice it to say that, no matter what NT has to offer for the "less skilled" admin, I am not in that group, and my "skill" is certainly not going to decline with time, so from my personal viewpoint (the only hard data I have at the moment), NT has nothing to offer me.

  12. Alternatives to RSA: DH, and elliptic curve crypto on Against Arbitrary Intellectual Property Rights. · · Score: 1
    I have reservations with your definition but I will work with it. Even accepting your definition, RSA is not by any stretch of the imagination "state of the art."

    Alternatives to RSA include El-Gamal/Diffie Hellman (currently used by OpenPGP and SSHv2, and supported by SSLv3). It is interesting to note that in all three cases, the need to avoid the RSA patent was a primary motivation for the switch to DH.

    Now you may think that RSA must be superior to DH because it was discovered later. That's not the case. If you read the PGP-DH-RSA FAQ, you'll find (question 8.1) that the consensus among experts is that DH is possibly better, and not worse, than RSA from a security and practicality standpoint. Also note that the El-Gamal variant of DH was discovered after RSA (in 1984) and never patented.

    Perusing through the same document, you'll find a reference to how elliptic curve cryptography, now being researched, appears to offer the same level of security as RSA with much smaller key sizes. The only reason EC cryptography is not yet mainstream is because researchers have not had enough years to thoroughly thrash it for possible holes.

    In conclusion, between Diffie-Hellman (in use now) and elliptic-curve based methods on the horizon, there are most certainly alternatives that are set to displace RSA. Moreover, as noted above, DH has already displaced RSA in many major applications of public-key cryptography. Therefore, RSA is not state of the art.

    Given this new information, do you still defend the RSA patent as "a good thing" for society? I'd like to know.

  13. Re:These 4 screenfuls of deception need refutation on Microsoft Challenges Linux community · · Score: 1
    First off, a disclaimer: my original list was a brainstorming activity, and as such I did not attempt to substantiate any of my points.

    You could easily hide this inside a larger script that did something interesting and most users would blindly run it if you told them to.

    There is no parallel in the Linux world to auto-executing VB macros that most users blindly execute not because they were told to do so, but despite the fact that they were told NOT to do so. Microsoft could easily dispel the entire macro virus phenomenon by requiring user initiative before executing macros. The fact that they haven't made this trivial change speaks volumes about their attitude towards security.

    It also makes it easy for a disgruntled admin to be able to put back doors into your system so that after he's fired he can destroy your system.

    I hate to break it to you, but it is just as easy to trojan closed-source systems as open-source systems. Ever heard of Back Orifice? Or the Melissa virus that you wrongly call a trojan? (wrongly because it can self-replicate)

    Your "open source equals poor security" argument is nothing more than a repackaging of security through obscurity, a position that has been thoroughly debunked by unanimous consensus of all experts in the field of computer security.

    and telnet is not what I call a remote admin tool

    Maybe it doesn't fit your exacting definition of remote administration, but it is nevertheless a useful utility. How much extra does telnet cost on NT?

    Here's a common scenario that I face every year. I'm visiting San Francisco and I want to recompile, install, and configure my web server in Boston. I can do this very easily in Linux with telnet. How would I do it with NT?

    If that doesn't count as remote administration, I don't know what does.

    I'm talking about tools dedicated to the task of remote administration that make it easier to admin 100 machines

    I suppose you've conveniently forgotten about rdist, NIS, NFS, AFS/arla, coda etc.

    I'm not suggesting that NT is better than Linux, only that your list of supposed lies aren't really lies.

    You can debate whether or not these points are true (and I welcome such debate), but on one point no debate is possible: I have done more to substantiate my claims right here than Microsoft has done to substantiate any of the claims in their entire table of bullet points.

  14. Yet Microsoft claims NT has better driver support on Microsoft Challenges Linux community · · Score: 1

    If your claims are true (they may well be), then you've just shot down another of Microsoft's bullet points. Check out the "Hardware Support Runs on a wide range hardware and provides optimized drivers" section of Microsoft's brochure and tell me how in the world you reconcile their claims with your claims.

  15. These 4 screenfuls of deception need refutation! on Microsoft Challenges Linux community · · Score: 1
    Someone out there (I was thinking of doing it myself) needs to refute the ridiculous lies that saturate Microsoft's table of "Customer Requirements." I know we are against a multi-billion dollar juggernaut here, but we have to give it our best shot.

    For the uninitiated, here are some impressions of how amazingly wrong Microsoft's points are:

    • Reliability - We all know Linux is more reliable, notwithstanding journaling filesystem.
    • Clustering - Beowulf beats the pants off of anything NT offers.
    • Security - Melissa virus? Chernobyl?
    • TCO - Linux licenses and maintenance cost more?
    • Applications - Ability to recompile from source is a drawback because it encourages deviation??
    • Forced integration of GUI is a good thing??
    • And how in the world can Microsoft claim NT is more scriptable and more capable of remote administration???

    I am not blinded by faith; I know that Linux still has some areas to work on, but Microsoft is bordering on fraud by perverting Linux's strengths above into perceived weaknesses.

  16. Creative act != patentable (esp. outside US) on Against Arbitrary Intellectual Property Rights. · · Score: 1
    But the recognition of what that truth is, what parts of it are interesting, and the presentation of that truth are all creative acts.

    I concede that the discovery of the RSA algorithm is a creative act. I do not agree with your implication that because it is a creative act, it is therefore patentable. Indeed, as you well know, all creative works are copyrightable, but not all copyrighted works have patent protection.

    So the question before us is, given the benefits and costs to society of allowing algorithms like RSA to be patented, should we allow them to be patented? I argued in my last paragraph that the answer to this question is no--that the freedom lost to millions of Americans is not worth the commercial gain that RSA Data Labs derives.

    If you do indeed agree with the initiator of this thread, that the RSA patent is "a good thing," then it can only be because you value the public's freedom less than one corporation's profits. Keep in mind that this position puts you in the minority: Of all the nations in the world, the US stands alone in permitting software algorithms to be patented. Yet I do not see any evidence that the patent position of the US has increased the pace of software development in this nation relative to other nations. If you have evidence of such an increase, please let me know!

  17. Patents DO prevent personal use of patented ideas on Against Arbitrary Intellectual Property Rights. · · Score: 1
    Although the author of the article went overboard in wrongly stating that patent law prevents construction of levitation devices, you also go overboard in implying that patents only prohibit commercial exploitation of an idea. While preventing commercial exploitation of ideas is the goal of patent law, the US implementation of patent law falls far short of this ideal goal. Indeed, US-style patent law does in fact prevent you from mass producing a patented device for any use, not just commercial use.

    Allow me to illustrate with a particularly pointed example. You claim that patents cannot be granted on laws of nature. Yet the RSA patent in the US is exactly that: a patent that covers a mathematical idea. Don't let RSA Data Labs fool you into thinking RSA is esoteric or state of the art. RSA is just raising numbers to exponents for encryption and inverting the operations for decryption. I wager that anyone who's studied mathematics will agree with me that RSA is as natural a property of this universe as the law of gravity.

    Because of the RSA patent, I am not allowed to run any free software SSL web server on my computer for my own personal use. I am not allowed to run any free software implementation of SSH on my computer for my own personal use. I am not allowed to use any free software implementation of PGP 2.6.x for my own personal use. In all these cases, if I want to use the program in question, I must link it against RSAref, which is not free software. Had RSAref not been published, I would have no recourse at all--I would be forced to write my own implementation of RSA, without sharing the benefits of any of the free software implementations already available in the world.

    So, cast aside the admittedly ridiculous saber tooth tiger argument. How do you refute this one? How can you possibly claim that the societal benefit from the RSA patent outweighs the loss of freedom described above that the RSA patent inflicts upon millions of Americans today?

  18. RSA is older than streaming audio on Against Arbitrary Intellectual Property Rights. · · Score: 1
    RSA on the other hand is still (by my limited understanding) state of the art crypto

    I'm sorry, but I can't let such a blatantly wrong statement slide without refutation. At least you admit ignorance on the matter.

    RSA is trivial. Downright trivial. Let me illustrate. 2^5 = 32 mod 35 and 32^5 = 2 mod 35. Though you may not realize it, those two simple equations encrypt the message "2" using the RSA public key (35,5) and decrypt the encrypted message "35" with the private key ((5,7),5). Even if you don't understand the mathematics, please realize that RSA was discovered in 1977, filed for patent in 1978, and patented in 1983--way before any of this streaming audio stuff. To those in the know, a patent on RSA is every bit as abhorrent as a patent on the law of gravity.

    And lest you think the RSA patent has had a beneficial effect on this world, you should note that the RSA patent single-handedly prevents any free software implementations of SSHv1, SSL, or PGPv2.6.x in the United States. RSA code is but a triviality compared to any one of these major software projects. I dare say the RSA patent has done as much to impede the widespread distribution of cryptographic software as US export restrictions.

    If you're still not convinced, then nothing will convince you. The RSA patent has not by any means been a beneficial force for useful technological progress.
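
The arithmetic in the comment above, as an added example that is not part of the original comment: textbook (unpadded) RSA built from the primes 5 and 7 with public exponent 5, reproducing 2^5 = 32 mod 35 and 32^5 = 2 mod 35. The function names are hypothetical, and the last function goes slightly beyond the comment to show that the security of the scheme rests entirely on the modulus being too large to factor.

```python
from math import gcd, isqrt


def make_keypair(p, q, e):
    """Derive a textbook RSA key pair from primes p, q and public exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # private exponent: e*d = 1 mod phi (Python 3.8+)
    return (n, e), (n, d)


def encrypt(public_key, m):
    """Raise the message to the public exponent, modulo n."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be in the range [0, n)")
    return pow(m, e, n)


def decrypt(private_key, c):
    """Invert encryption by raising the ciphertext to the private exponent."""
    n, d = private_key
    return pow(c, d, n)


def private_exponent_from_public(public_key):
    """Recover d from (n, e) by trial division.

    This works only because the toy modulus is tiny. Real keys use moduli
    of 2048 bits or more precisely so that this step is infeasible.
    """
    n, e = public_key
    p = next(f for f in range(2, isqrt(n) + 1) if n % f == 0)
    q = n // p
    return pow(e, -1, (p - 1) * (q - 1))


def roundtrip_holds(public_key, private_key):
    """Check decrypt(encrypt(m)) == m for every message below n."""
    n, _ = public_key
    return all(decrypt(private_key, encrypt(public_key, m)) == m
               for m in range(n))


if __name__ == "__main__":
    public, private = make_keypair(5, 7, 5)   # the comment's toy parameters
    c = encrypt(public, 2)
    print("public key:", public, "private key:", private)
    print("encrypt(2) =", c, " decrypt(%d) =" % c, decrypt(private, c))
    print("every message round-trips:", roundtrip_holds(public, private))
    # With these toy numbers d happens to equal e, and d is recoverable
    # from the public key alone because 35 factors instantly.
    print("d recovered from public key:", private_exponent_from_public(public))
    # Textbook RSA is deterministic: equal plaintexts give equal ciphertexts,
    # which is why deployed RSA adds randomized padding.
    print("deterministic:", encrypt(public, 2) == encrypt(public, 2))
```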

  19. 128 kbit/s is not good enough; here's why on RealNetworks backs MP3 · · Score: 3
    This discussion has nothing to do with RealNetworks, but once you bring up the thread, I have to reply :-)

    First off, 128 kbit/s encoding is good enough for a lot of applications. I just think that it's not good enough for music that you want to own. I don't claim that 128 kbit/s encoded music is easy to distinguish from the original. It isn't. But it is possible to distinguish the two. See this paper for results of professional listening tests. MP3 at 128 kbit/s consistently scored at the "perceptible differences" level.

    Of course, I realize that professional listening tests are quite different from you listening to music in your home. If you think the differences don't matter, then fine. But please at least experience the differences firsthand before judging whether they matter or not. I have personally done several A/B listening tests with music that I actually listen to, and I've decided that the difference does matter to me.

    So go out, find some music that you're intimately familiar with, encode it at various bitrates, and do A/B listening tests. Hear out the differences and see if they matter to you. If not, then feel free to go out and say that the differences don't matter. But please don't say the differences don't matter because you can't hear them, because that's just admitting your ears aren't good enough to back up your opinion.

    Finally, Robin Whittle's comparison of mp3, aac, and vqf discusses all the issues with digital audio and compression, and hits all the correct answers. It's a must read if you care at all about your digital or compressed music.

  20. Pirated movies, ethics, and Linux on Bootleg Movies for Download · · Score: 1
    Sorry for the repost; first post got mangled.

    jwb, your rant gives only one justification for equating copyright violations with stealing: a legal justification. However, a legal justification alone is NOT sufficient grounds to equate copying with stealing. Just because the law says something doesn't mean the law is right.

    For example, in the United States, for many years the law decreed that whites were superior to blacks from a legal standpoint. Was the law morally correct? Few people today would argue that the law then was morally correct.

    It is perfectly possible to judge some violations of copyright law immoral and other violations morally acceptable. Now I'm not saying I would judge in this manner. I'm just saying that there is no inherent contradiction in judging in this manner. Moral issues are completely independent of legal issues.

    Your post does not even acknowledge the possibility that the legal view could be different from the moral view. Indeed, your post puts forth the legal view as completely equal to the moral view. Therein lies your fallacy.

  21. Illegal != immoral on Bootleg Movies for Download · · Score: 1

    jwb, your rant gives only one justification for equating copyright violations with stealing: a legal justification. However, a legal justification alone is NOT sufficient grounds to equate copying with stealing. Just because the law says something doesn't mean the law is right. For example, in the United States, for many years the law decreed that whites were superior to blacks from a legal standpoint. Was the law morally correct? Few people today would argue that the law then was morally correct. It is perfectly possible to judge some violations of copyright law immoral and other violations morally acceptable. Now I'm not saying I would judge in this manner. I'm just saying that there is no inherent contradiction in judging in this manner. Moral issues are completely independent of legal issues. Your post does not even acknowledge the possibility that the legal view could be different from the moral view. Indeed, your post puts forth the legal view as completely equal to the moral view. Therein lies your fallacy.

  22. The Cost of Developing Legal arguments on There's "No Such Thing" as Free Software · · Score: 1
    Any way you look at it, developing legal arguments has costs. The "freely copiable legal arguments" movement doesn't seem to acknowledge this.

    To get good legal arguments, someone has to put in the time and effort to develop and maintain it. If someone wants to do this for free, that's fine (note: few lawyers do). However, if someone wants to do this for a living, that means selling legal arguments for money. Once the legal argument is free, the lawyer doesn't have much of an advantage over competitors for selling service, books, or whatever. In fact, the lawyer has one big disadvantage, i.e., the competitors didn't incur the cost of development.

    So the point of your post, though they don't say it very well, is that freely copiable legal arguments is not a very good business model for legal services. To make it work, the lawyer needs to be able to sell something that no one else has. However, once the legal argument is freely copiable, everyone has the legal argument.

  23. Ways to circumvent copy protection on Cringley predicts Microsoft Audio will triumph · · Score: 1

    So, I'm looking at Rasterman's esound daemon here, and it has two commands called esddsp and esdmon. The first command, esddsp, lets you route any audio playback application to an esound daemon. The second command, esdmon, dumps the esound output to standard output. So that right there is one way to circumvent any copy protection. kinesis pointed out another way: hook one sound card's digital out to another's digital in. Anti-circumvention law or not, both esound and sound cards have legitimate other uses. It would be impossible to outlaw esound or sound cards without inciting mass revolt. In sum, yes, you are absolutely right, no form of copy protection can ever enforce the restrictions the record companies would like to enforce, unless the copy protection is so severe that it completely prevents the file from being played as audible sound at all.

  24. Being forced to pay to read spam is wrong on ShutUp Software · · Score: 1
    Katz makes a good point but he applies it way too generally. Censorship software like Net Nanny is bad because typically it is deployed in situations where the user has no control over how it is used upon her. But there are other cases where ignorance of noise is not only acceptable, but mandatory.

    Consider the especially repulsive example of e-mail spam. Whenever someone tries to tell me that e-mail filters are censorship, I refer them to Paul Vixie's excellent writeup of the issue. Free speech only covers your right to say something. It does not give anyone the right to force me to read what they are saying and have me pay an ISP for the privilege!

    I really wish Katz had drawn a line somewhere in between Web filtering software and e-mail filtering. The former is imposed upon users who don't wish to use it and have no control over how it is used. The latter is embraced by users as a sad necessity of modern life, and typically these users have full control over how to filter their mail. Much as in the case of open source software, user control makes all the difference in the world.

  25. Let's apply their logic to legal arguments on Linux a "temporary phenomenon" · · Score: 3
    Sometimes the best response is satire ... If you've read the article then you'll love this:

    How could anyone but a radical anarchist support a concept like "free legal arguments"? It may seem like a boon for consumers. But they should realize that a market totally free of prices is not likely to produce quality legal arguments and will quickly collapse.

    Actually, the "free legal arguments" movement is not opposed in theory to sale of legal services.... The word "free" refers not to price, but to the removal of restrictions on repeating, delivering, improving, and redelivering legal arguments once they are presented in court or otherwise obtained.

    But OLA (Open Legal Arguments) has a fatal flaw: it is based on a false theory of production. For the sake of an imagined voluntary cooperative, OLA rejects free market competition and loses the market's distinct advantages to meet consumer needs with quality legal arguments and targeted marketing. By contrast, in a free market, identifiable lawyers own the arguments. They are responsible for their performance, and they can be held liable for inexcusable flaws.

    OLA shows that Nader and his allies' "self-proclaimed consumer advocates" do not have in mind the best interests of consumers. His support for legal anarchism would deprive lawyers of their property rights and deprive consumers of standard, quality legal representation.