Slashdot Mirror


User: StenD

StenD's activity in the archive.

Stories: 0
Comments: 392

Comments · 392

  1. Re:They're missing something though... on Market Share Reports On Linux · · Score: 2

    They're counting shipments of Linux, which totally misses out on all of the downloads.

    The full, $$$$$$ versions of these reports generally note the difficulty in measuring the usage of any OS, especially Linux. While IDC and other analysts get paid for making intelligent guesses, any "estimate" of Linux usage would be a SAG, so they use the numbers which are solid - shipments - to base their projections from. As others have mentioned, the fact that shipments of an OS which can be freely (and legally) shared are outpacing shipments of every server OS not originating in Redmond is impressive, and leads to the implication that it may be legally installed on more servers.

  2. How? Use TSANet. on Preventing Vendors From Playing The Blame Game? · · Score: 2

    How do I prevent (or at least minimize) them blaming each other when support issues come up? Anyone have a solution for this?

    Before you buy, make sure that your prospective vendors are members of TSANet. Then, if one of your vendors points the finger at another, tell them to use TSANet to open a ticket with the other vendor on your behalf. As a support engineer at Tivoli Systems, I've used TSANet to open tickets with other vendors in order to resolve customer problems.

  3. Re:No interest in X-Men on Slashdot Meets X-Men · · Score: 1

    If Marvel printed Archie and Jughead, Wolverine would show up

    Actually, the Punisher got to team up with Archie, not Wolverine.

  4. Re:Some thoughts. on MAPS RBL Challenged In Court Case · · Score: 2

    So.. perhaps this company needs to SUE the ISPs that are actually USING the RBL. RBL doesn't make them, it just publishes a list.

    That would seem to make sense, but it's quite fashionable these days to sue the providers of a product which is used by third parties to the detriment of the party bringing the suit. Whether it's MAPS, Napster, the gun industry, and so on, it's not seen as appropriate to hold the users of a product responsible for their use of it.

  5. Re:E-commerce on MAPS RBL Challenged In Court Case · · Score: 3

    What gives you (or anybody else for that matter) to decide what mail should or should not be allowed?

    Ownership of the system receiving the email. I own the system, I get to decide under what conditions I accept email. Among those conditions is that the sender not appear on the RBL, DUL, or RSS lists.

  6. Re:Imminent Death Of The Net Predicted! on Could This Be The End Of The Internet? · · Score: 2

    Imminent Death of the Net Predicted is about S/N ratio, not people arbitrarily blocking programs they don't like.

    But the blocking being talked about isn't arbitrary. Aside from Media Enforcer, the products discussed are being used to attempt to ensure that there is enough signal (the protocols the people funding the bandwidth are expecting to be able to use) amidst the noise (additional protocols used by those who aren't footing the bill). This isn't any more ominous than news servers refusing to carry binaries groups, or postmasters fighting spam, because of the bandwidth consumed by those practices.

    If this turns into ISPs blocking Napster, or backbones fighting Gnutella, then we have a major problem, but students and employees don't have unfettered rights to the bandwidth of their educational institutions or employers.

  7. Re:Does it mean anything? on GPL To Be Tested In Court? · · Score: 1

    A simple revision that would address these concerns is having the license include the provision that rights to all code issued under the GPL are assigned to the FSF.

    Are you trying to write the obituary for the GPL? There are already enough programmers out there who won't work on GNU projects because of the requirement to assign copyright to the FSF, do you really want to burden the GPL itself with that anchor?

  8. Re:Does it mean anything? on GPL To Be Tested In Court? · · Score: 1

    From The FSF's page.

    To copyleft a program, first we copyright it; then we add distribution terms

    The GPL is the copyright.


    No, the GPL is the distribution terms. It's the General Public License, not the General Public Copyright. If the GPL is found to be legally invalid, the copyright remains.

  9. Re:Bzzzzt! Wrong! on The Inevitable Internet Sales Tax? · · Score: 2

    However, there is the reality ahead that either the playing field needs to be level (same tax for remote/local purchases),

    Does that make the playing field level?

    • Don't local merchants still have the advantage of being able to provide their in-stock products for immediate use?
    • Don't remote merchants still have the advantage of reduced overhead for facilities (including property taxes)?
    • Don't local merchants still have the advantage of being able to get reduced rates for shipping because they're shipping in bulk?
    • Don't remote merchants...

    We could keep on going back and forth here, but I think you see my point - there is no level playing field. Beyond that, I don't see it as government's job to create a level playing field, if for no other reason than because actually doing so would require an incredibly oppressive level of regulation and price controls.

    There are certainly good reasons for wanting to apply sales taxes to purchases from remote merchants, so please find a better one than "the playing field needs to be level".

  10. Re:Recovery CD's are GOOD thing. on Slashback: Secrecy, Toyware, France · · Score: 2

    While I don't think anyone is a stupid fsck, I would like to point out, as the original post does, that the pertinent contents of the Windows98 cd (drivers, installation files, etc.) can be found in "c:\windows\options\cabs" on most OEM installations.

    It may, but no one tells the average consumer this (except perhaps buried deep within a manual that the salesdroid tells them they don't need to read), and, at least on this HP, the path to the "Windows CD" wasn't preset to the cab location (which happens if you actually install Windows from the HD).

    The argument was that having recovery CDs was a benefit for the average consumer, and I was providing a real example (rather than a vague hypothetical) of how it isn't.

  11. Re:Building your own on Slashback: Secrecy, Toyware, France · · Score: 2

    MS's plans will be yet another nail in the coffin of the old practice of building your own systems.

    This will actually encourage me to continue building my own systems. The way prices in the computer market have been driven down, I fully expected that the next system I would purchase would be off the shelf. However, if all they will be able to provide me with is a recovery CD, not a real Windows CD, I'll stick with rolling my own.

  12. Re:Is Windows Piracy really a problem? on Slashback: Secrecy, Toyware, France · · Score: 2

    Microsoft has traditionally been one of the least anti-piracy companies.

    Perhaps, but Bill Gates of Micro-Soft is the original anti-piracy zealot.

  13. Re:Recovery CD's are GOOD thing. on Slashback: Secrecy, Toyware, France · · Score: 2

    BUT... for the average consumer this is a GOOD thing. Having to wipe the drive and reinstall Windows (which WILL happen eventually) is a real pain. Normally, the average consumer takes the computer in to the local shop (CompUSA, Micro Center, etc). And pays a fee to have Windows reinstalled.

    Except what happens when your average consumer buys a printer, hooks it up, and Windows says "Insert your Windows CD"? That's what my grandmother ran into with her HP, because it didn't come with a Windows CD, it came with an HP Recovery CD, and the recovery CD doesn't work as a Windows CD. She had two choices - put more $$ in MicroSoft's pocket, or get a pirated CD from a friend. Guess which one she went for?

  14. Re:I wrote that code - I'll tell you what it does on Mattel Spyware · · Score: 2

    you should configure your dial on demand server to not trigger ont his kind of traffic.

    Read what the programmer wrote again. "[H]is kind of traffic" is HTTP. Most people will want dial-on-demand links brought up for HTTP.

    Of course, if you're properly paranoid, you're running Junkbuster (and possibly Squid) on a single server, and have all legitimate HTTP clients configured to proxy through them. Then you configure your dial-on-demand server to only bring up the link for HTTP requests from the Junkbuster server, and applications with covert communication channels are foiled. The worst that happens now is that the covert applications use your browser proxy settings, but you're reviewing your Junkbuster logs, right?

  15. Re:Accountability on Classified Data Missing From Los Alamos · · Score: 3

    I don't understand how anyone can be so sloppy with classified information, not to mention nuclear weapons information. When I was a peon in the military, we were always told of the exciting career opportunities in Alaska that awaited anyone who was negligent in handling classified information.

    Or the opportunities in materials processing in Kansas? I expressed the same confusion to a co-worker because of a similar background, and he pointed out that those opportunities are part of the reason for the differences.

    In the military, you are dealing with an enlisted workforce that can't leave (except for a window of opportunity every 3-6 years). The military has broad flexibility in the variety and degree of punishment, ranging from scut details to Leavenworth, and there is little difficulty in assigning that punishment, especially at the lower end of the range.

    On the other hand, government labs have to attract and retain researchers who are willing to work for lower salaries than their commercial counterparts. These researchers are more likely to look into work rules beforehand, can leave at any time, are subject to a limited range of punishments ranging from unemployment to prison, and have a high barrier toward applying these punishments. In such an environment, it is probably impossible to establish or to enforce security policies to military levels (which are not themselves perfect).

  16. Re:I'd have to say... on Is It Okay To Learn From GPL'd Code? · · Score: 2

    All the legalism aside, and contrary to other posters' opinions, I believe that the spirit of the GPL is to insure that ideas are free.

    And stay free.

    I don't think that even in a grouchy mood RSM would insist that you must "free" your own ideas because you like his.

    Then you apparently haven't read Why Software Should Not Have Owners or Why Software Should Be Free, both by RMS (not RSM). He explicitly states that "[m]y conclusion is that programmers have the duty to encourage others to share, redistribute, study and improve the software we write: in other words, to write ``free'' software.". He's not the least bit unclear about this. As he asked (and answered) in The GNU Manifesto:

    "Don't people have a right to control how their creativity is used?"

    "Control over the use of one's ideas" really constitutes control over other people's lives; and it is usually used to make their lives more difficult.


    You don't have to agree with RMS, but don't try to downplay his positions, or distort what the GPL does. One freedom the GPL is intended to ensure is "[t]he freedom to study how the program works, and adapt it to your needs.", but it does that by containing a restriction that "you cannot add restrictions to deny other people the central freedoms". Taking ideas from GPLed code and putting them into proprietary code would violate that restriction.

  17. That really depends... on Is It Okay To Learn From GPL'd Code? · · Score: 3

    ...upon whether you are asking ethically, legally, or practically.

    Ethically, you shouldn't, because the GPL isn't there to educate, but to ensure that the code remains free. If you are "learning" from GPLed code and implement something the same way that the GPL code did, you've broken the intent that the code remain free.

    Legally, if you are VERY careful, you could do it. Chances are, though, that if you are looking to "learn" from GPLed code then you will implement something the same way, which raises the question of whether you copied it.

    On a practical level, however, you can probably get away with it. The danger there is if you are very sloppy in "learning" how to do things, and someone who knows the code that you are "learning" from has reason to look at your binaries, you might become the next NVIDIA.

    So, do you want to do the right thing, the safe thing, or go for broke?

  18. Which is the lesser of two evils? on CNET Patents Banner Advertising Networks · · Score: 3

    CNET putting DoubleClick et al out of business, or DoubleClick et al invalidating the patent?

  19. Re:Mudge on SANS Releases Top Ten Exploits · · Score: 1

    Because he isn't from L0pht any more, but from @stake, and the signatories are in reverse alphabetical order by organization.

  20. Re:And here are the other lists. on SANS Releases Top Ten Exploits · · Score: 2

    The Five Worst Security Mistakes End Users Make
    5. Using a modem while connected through a local area network.

    Hmm? What's wrong with being connected, as long as you don't allow incoming connections from the Internet? Setting all your daemons to only bind to eth0 isn't that hard, once you've disabled the ones you don't need anyway.


    I readded the heading from that section (I should have put the headings in bold, but I didn't think of it in time :). If this was in the IT section, I might be inclined to agree with you. However, end users tend to use a modem for one of two reasons - to connect to Internet resources their firewall blocks, or to get them into their system without a VPN or sanctioned dial-up.

    In the former case, they typically don't do anything to protect themselves or the corporate network - they just use DUN to connect to their ISP of choice.

    In the latter case, they will usually stick pcAnywhere or something similar on their system and set it to auto-answer, with a poor (or no) password.

    In either case, the end user has made the network security like a chain link hospital gown - strong from in front, but baring all.

  21. And here are the other lists. on SANS Releases Top Ten Exploits · · Score: 5

    I've been told that they will be on the SANS web site Real Soon Now.

    Mistakes People Make That Lead To Security Breaches

    Technological holes account for a great number of the successful break-ins, but people do their share, as well. Here are the SANS Institute's lists of silly things people do that enable attackers to succeed.

    The Five Worst Security Mistakes End Users Make

    1. Opening unsolicited e-mail attachments without verifying their source and checking their content first.

    2. Failing to install security patches - especially for Microsoft Office, Microsoft Internet Explorer, and Netscape.

    3. Installing screen savers or games from unknown sources.

    4. Not making and testing backups.

    5. Using a modem while connected through a local area network.

    The Seven Worst Security Mistakes Senior Executives Make

    1. Assigning untrained people to maintain security and providing neither the training nor the time to make it possible to learn and do the job.

    2. Failing to understand the relationship of information security to the business problem - they understand physical security but do not see the consequences of poor information security.

    3. Failing to deal with the operational aspects of security: making a few fixes and then not allowing the follow through necessary to ensure the problems stay fixed

    4. Relying primarily on a firewall.

    5. Failing to realize how much money their information and organizational reputations are worth.

    6. Authorizing reactive, short-term fixes so problems re-emerge rapidly.

    7. Pretending the problem will go away if they ignore it.

    The Ten Worst Security Mistakes Information Technology People Make

    1. Connecting systems to the Internet before hardening them.

    2. Connecting test systems to the Internet with default accounts/passwords

    3. Failing to update systems when security holes are found.

    4. Using telnet and other unencrypted protocols for managing systems, routers, firewalls, and PKI.

    5. Giving users passwords over the phone or changing user passwords in response to telephone or personal requests when the requester is not authenticated.

    6. Failing to maintain and test backups.

    7. Running unnecessary services, especially ftpd, telnetd, finger, rpc, mail, rservices

    8. Implementing firewalls with rules that don't stop malicious or dangerous traffic- incoming or outgoing.

    9. Failing to implement or update virus detection software

    10. Failing to educate users on what to look for and what to do when they see a potential security problem.

    And a bonus, number 11:

    Allowing untrained, uncertified people to take responsibility for securing important systems.

  22. Re:Password Sniffing on SANS Releases Top Ten Exploits · · Score: 3

    This list completely ignores one of the most common security flaws in computer systems: Cleartext passwords sent over the wire.

    It does and it doesn't. This list focuses on exploits, but there is an associated list, mentioned by the CNN article, of IT mistakes. Among the IT mistakes are using telnet and other unencrypted protocols.

  23. Re:The good, the bad, and the ugly on SANS Releases Top Ten Exploits · · Score: 3

    The plan is for this to be a living document - as responsible admins (and vendors) close these holes, new items will go into the Top Ten list. If you check out the Top Ten page, you'll see that there have been three revisions today.

    Most of the vulnerabilities listed have been known for years, and have easy fixes available, but admins haven't known what ones were most important. This is an attempt to help prioritize things.

  24. Re:This looks inacurate... on SANS Releases Top Ten Exploits · · Score: 3

    I saw this list last night, and my first thought was that it couldn't possibly be right, as most of the compromises on this list are UNIX related.

    Several of the compromises are multi-platform, not specifically NT or *nix. Categories like the CGI/ColdFusion exploits make up a large percentage of the NT attacks. However, it is probably fair to say that most of us who were asked to participate probably have a *nix background, and are therefore more familiar with *nix exploits. Also, we were looking for remotely exploitable, directed attacks, and the background of *nix as a multi-user, network operating system gives more avenues of attack than an operating system with a single user, stand-alone heritage. Our list of end-user security mistakes (not yet released), on the other hand, is much more Microsoft-heavy.

  25. Re:Flame me if I'm wrong here.... on Bladeenc Under Patent Attack · · Score: 3

    But, isn't MP3 based off of JPEG compression which is in fact an OPEN standard, therefore not copywritten???

    "Standard" does not mean "free". Unix is a standard, and it costs $$$ for an OS to be able to call itself Unix. Motif is a standard, and until recently, it took $$$ to (legally) get Motif. Fortunately, neither of these standards had patents, so it was possible to reimplement them. Unfortunately, sometimes vendors sandbag standards bodies by filing patent applications which are granted after the standard is released. Other standards bodies don't need to be sandbagged.