Not having "." in the path is to fix a much simpler expliot. As a cracker, make a program called "ls" and make it do whatever you want, assumming it has root privledges, and then leave it in/tmp or anywhere you can write. Then wait for the root user to happen to cd to that directory and type "ls". You are in.
Removing "." removes the one directory from a typical user's path that other users can write to.
Since virtually every laptop carried by a airline traveller has a wireless card, and I'm sure virtually every one of those has the wireless enabled by default, doesn't this mean there is plenty of wireless traffic inflight from people turning on and using their computers?
Simple counter example: Bitstream has copyrighted their fonts. You are not allowed to manufactur a printer and make it print Bitstream's fonts without paying them a royalty. Yet Bitstream has no problems with you printing a document using those fonts. There is no copyright exception in their license. It is just assummed that such obviously intended use does not violate copyright. Same is true for a copyright with a GPL exception.
Nonsense. The mouse cursor reappears when you move the mouse, which is how you find the mouse even if it is not invisible (do you really think people look all over the screen for the image of the arrow, rather than jiggle the mouse and look for the moving thing?).
His modal dialog comment is stupid, though. Getting rid of modal dialogs has been one of the big deals in improving the user interface experience. A real fix would be to avoid the inconsistent states, rather than the simple fix of going back to modal boxes. In his Gimp example, closing the image should maybe pop up a question "you were trying to save this to a file, are you sure you want to close it" and if they still close it, get rid of the dialog as well.
The GPL does not force you to do anything. By their explanation Ford motor company is "communist" because to use their cars you are "forced" to give them money.
Just copyright your code. No license at all. That's exactly what you are asking for.
Actually you did mention "allow forking if I discontinue the software". You might be able to write up a small license that says somebody can violate the copyright if you stop supporting the software, though exactly how to word that is questionable.
I've had zero luck getting this to work. Resulting files have garbage in them and do not act like they are the linked file. tcsh obviously does not use this to fake symbolic links, at least the resulting files from tcsh are readable, but it's not a solution either.
The Unix problem was a large number of programs that were setuid, meaning they got root permissions no matter who ran it. This meant any bugs in them could be exploited to do things with root permissions as well.
Certainly not a good thing, as people have learned, and a lot of those programs were setuid for the same stupid reasons that Windows programs force everybody to run as root, such as the need to write to one status file that the programmer put in a location that is normally root-only, not because they needed special privledges to get their job done.
But this is still far better than Windows. Unless you were root you could not turn any random program into a setuid program. In Windows you are root all the time and thus *all* programs are setuid even if the programmer knows it is not necessary.
Or they could use a file system where you can rename a file that is in use. Unix had this in 1970. But apparently Microsoft has not gotten around to "innovating" it yet, so to you such an idea just does not exist.
As for your first point, it's quite certain Microsoft is planning an Apple-style system (which is built atop the Unix system, you know). Installing a program will pop up a box that says "you have to type your password in to install this". There won't be any need to log out and then back in as administrator to do things, that would be stupid. Unix would probably have done this years ago except it was easy to log in to root from an existing terminal without having to kill all your programs.
Actually further reading of the article leads to the same conclusion, except it appears the communication between bind and Windows DNS is the other way.
It sounds like bind9 removes the data that can poison Windows DNS, yet bind8 and earlier will pass it through. I don't understand why these earlier ones pass the data yet don't get "poisoned" themselves, but I really don't know how DNS works.
In any case I stand by my original statement that a network of only older Windows machines would be vulnerable, and a network of only older Bind machines would not. Therefore I consider this a Windows bug. Your complaint is like saying the mail server that passes through a Windows virus is at fault and not the Windows machine that executes that virus.
My understanding is that if the network consisted only of older Windows DNS servers, it would be subject to this problem. If it consisted only of Bind8 then it would not. The bug in bind8 is that it copies the bad data from Windows. But if you had no bind8 servers, you would still get the bad data from Windows when looking up web sites. Therefore I would say the serious bug is in Windows.
More at fault though is the total parnoia about back-compatability that seems to actually be hurting everybody, Windows and Linux. It's obvious that somebody at Microsoft actually fixed this problem and added it to their DNS. But rather than just turn it on, they added a "configuration" so you could set it, and defaulted it to off, probably because of a worry that it would somehow break something (all these reports say nothing about this switch actually breaking somethings).
Certainly Linux has long been guilty of shipping with all kinds of broken services switched on (an original RedHat 6 or so box is far more vulnerable than anything today), and that was due to paranoia about being incompatable.
Technically they are guilty of copyright violation. It does not matter whether they release any source code or not, it does not change the existence of the previous copyright violation.
However the copyright violation does not matter if nobody tries to sue them for it. It is highly likely that releasing their source code will discourage any such lawsuits.
The GPL is designed to only be an "exception" to copyright laws. It only says "you are allowed to do these things that copyright law does not allow". This makes it a license and not a contract, because you lose nothing by "agreeing" to the GPL. If the GPL restricted you from doing something you normally could do, it would be a contract, and you would have to sign it (which is impractical for widely and freely disseminated software, especially since EULA's are considered unenforcable).
Use inside a company like you said falls into the "fair use" exceptions to copyright law. It is allowed by copyright, so there is nothing the GPL can do about it, without becoming a contract. Therefore, whether RMS wanted it this way or not, the GPL can't do the type of restrictions you are asking for.
Once GPL source files (or variations therof) have been included in a piece of software, the entire software is now GPL?
No.
First of all, if you don't distribute it, you have done nothing wrong. You can even remove the GPL parts, replacing them with other code, and sell the result as closed-source software, and you are totally within your rights.
Even if you did distribute the program using GPL code, and were caught, the only thing wrong is that you are guilty of copyright violation. There is NO precedence for somebody being legally required to give up the copyright their own material due to them doing a copyright violation. The normal legal requirement is that you would have to stop distributing the violating code, and pay monetary damages. Assumming your company survived the damages, you could still rip out the GPL parts, replacing them with other code, and sell the result as closed-source software anyway.
So you are wrong, the GPL does not infect code at all. There is no sceneario where you will be forced to lose any copyright protections on your code.
What's to stop the company he sold it for from distributing it if they wanted to
Nothing.
or if someone inside leaked a copy?
In this case I think the company has some legal recourses, since they did not intend to distribute the program, and thus had no obligation to release the source.
OSS communities tend to settle on one project, and nothing or noone ever seriously competes with it
It actually looks like OSS settles on exactly two of each project: Linux + BSD, KDE + Gnome, Perl + Python, etc. Does anybody have a theory why? It seems to me there is a distinct trend towared two of everything, rather than one or more than 2.
My guess is that it would go to the delete page without asking the question. However an intelligent one may be able to detect that it is too complex, and go to a page saying "it's trying to execute this javascript and here are my guesses as to the URL's it's trying to open "
If you want to hide where the antiaircraft batteries are, try painting out the roofs of a *lot* of buildings in the area, not just the ones with batteries. Or carefully photoshop in a roof on the building with the real battery and do obvious paint jobs on unrelated buildings. Then again, maybe they did this already.
Not having "." in the path is to fix a much simpler expliot. As a cracker, make a program called "ls" and make it do whatever you want, assumming it has root privledges, and then leave it in /tmp or anywhere you can write. Then wait for the root user to happen to cd to that directory and type "ls". You are in.
Removing "." removes the one directory from a typical user's path that other users can write to.
Since virtually every laptop carried by a airline traveller has a wireless card, and I'm sure virtually every one of those has the wireless enabled by default, doesn't this mean there is plenty of wireless traffic inflight from people turning on and using their computers?
Simple counter example: Bitstream has copyrighted their fonts. You are not allowed to manufactur a printer and make it print Bitstream's fonts without paying them a royalty. Yet Bitstream has no problems with you printing a document using those fonts. There is no copyright exception in their license. It is just assummed that such obviously intended use does not violate copyright. Same is true for a copyright with a GPL exception.
Nonsense. The mouse cursor reappears when you move the mouse, which is how you find the mouse even if it is not invisible (do you really think people look all over the screen for the image of the arrow, rather than jiggle the mouse and look for the moving thing?).
His modal dialog comment is stupid, though. Getting rid of modal dialogs has been one of the big deals in improving the user interface experience. A real fix would be to avoid the inconsistent states, rather than the simple fix of going back to modal boxes. In his Gimp example, closing the image should maybe pop up a question "you were trying to save this to a file, are you sure you want to close it" and if they still close it, get rid of the dialog as well.
And how exactly does that explain why they switched away from the IE that came free and preinstalled on the computer?
The GPL does not force you to do anything. By their explanation Ford motor company is "communist" because to use their cars you are "forced" to give them money.
Just copyright your code. No license at all. That's exactly what you are asking for.
Actually you did mention "allow forking if I discontinue the software". You might be able to write up a small license that says somebody can violate the copyright if you stop supporting the software, though exactly how to word that is questionable.
Plus I think the urban legend way predates any Seinfeld episodes.
It means it will pop up a "you have to type in your Administrator password to do this" dialog box. They won't be prevented from doing things.
I've had zero luck getting this to work. Resulting files have garbage in them and do not act like they are the linked file. tcsh obviously does not use this to fake symbolic links, at least the resulting files from tcsh are readable, but it's not a solution either.
I've tried these and they don't work. The resulting files are unreadable by programs using open() or fopen().
The Unix problem was a large number of programs that were setuid, meaning they got root permissions no matter who ran it. This meant any bugs in them could be exploited to do things with root permissions as well.
Certainly not a good thing, as people have learned, and a lot of those programs were setuid for the same stupid reasons that Windows programs force everybody to run as root, such as the need to write to one status file that the programmer put in a location that is normally root-only, not because they needed special privledges to get their job done.
But this is still far better than Windows. Unless you were root you could not turn any random program into a setuid program. In Windows you are root all the time and thus *all* programs are setuid even if the programmer knows it is not necessary.
Or they could use a file system where you can rename a file that is in use. Unix had this in 1970. But apparently Microsoft has not gotten around to "innovating" it yet, so to you such an idea just does not exist.
As for your first point, it's quite certain Microsoft is planning an Apple-style system (which is built atop the Unix system, you know). Installing a program will pop up a box that says "you have to type your password in to install this". There won't be any need to log out and then back in as administrator to do things, that would be stupid. Unix would probably have done this years ago except it was easy to log in to root from an existing terminal without having to kill all your programs.
The fact that the bits don't propagate is not a good argument against using bits. ACL's can also be misdesigned so that they don't propagate either.
Actually further reading of the article leads to the same conclusion, except it appears the communication between bind and Windows DNS is the other way.
It sounds like bind9 removes the data that can poison Windows DNS, yet bind8 and earlier will pass it through. I don't understand why these earlier ones pass the data yet don't get "poisoned" themselves, but I really don't know how DNS works.
In any case I stand by my original statement that a network of only older Windows machines would be vulnerable, and a network of only older Bind machines would not. Therefore I consider this a Windows bug. Your complaint is like saying the mail server that passes through a Windows virus is at fault and not the Windows machine that executes that virus.
My understanding is that if the network consisted only of older Windows DNS servers, it would be subject to this problem. If it consisted only of Bind8 then it would not. The bug in bind8 is that it copies the bad data from Windows. But if you had no bind8 servers, you would still get the bad data from Windows when looking up web sites. Therefore I would say the serious bug is in Windows.
More at fault though is the total parnoia about back-compatability that seems to actually be hurting everybody, Windows and Linux. It's obvious that somebody at Microsoft actually fixed this problem and added it to their DNS. But rather than just turn it on, they added a "configuration" so you could set it, and defaulted it to off, probably because of a worry that it would somehow break something (all these reports say nothing about this switch actually breaking somethings).
Certainly Linux has long been guilty of shipping with all kinds of broken services switched on (an original RedHat 6 or so box is far more vulnerable than anything today), and that was due to paranoia about being incompatable.
Technically they are guilty of copyright violation. It does not matter whether they release any source code or not, it does not change the existence of the previous copyright violation.
However the copyright violation does not matter if nobody tries to sue them for it. It is highly likely that releasing their source code will discourage any such lawsuits.
The GPL is designed to only be an "exception" to copyright laws. It only says "you are allowed to do these things that copyright law does not allow". This makes it a license and not a contract, because you lose nothing by "agreeing" to the GPL. If the GPL restricted you from doing something you normally could do, it would be a contract, and you would have to sign it (which is impractical for widely and freely disseminated software, especially since EULA's are considered unenforcable).
Use inside a company like you said falls into the "fair use" exceptions to copyright law. It is allowed by copyright, so there is nothing the GPL can do about it, without becoming a contract. Therefore, whether RMS wanted it this way or not, the GPL can't do the type of restrictions you are asking for.
Once GPL source files (or variations therof) have been included in a piece of software, the entire software is now GPL?
No.
First of all, if you don't distribute it, you have done nothing wrong. You can even remove the GPL parts, replacing them with other code, and sell the result as closed-source software, and you are totally within your rights.
Even if you did distribute the program using GPL code, and were caught, the only thing wrong is that you are guilty of copyright violation. There is NO precedence for somebody being legally required to give up the copyright their own material due to them doing a copyright violation. The normal legal requirement is that you would have to stop distributing the violating code, and pay monetary damages. Assumming your company survived the damages, you could still rip out the GPL parts, replacing them with other code, and sell the result as closed-source software anyway.
So you are wrong, the GPL does not infect code at all. There is no sceneario where you will be forced to lose any copyright protections on your code.
What's to stop the company he sold it for from distributing it if they wanted to
Nothing.
or if someone inside leaked a copy?
In this case I think the company has some legal recourses, since they did not intend to distribute the program, and thus had no obligation to release the source.
OSS communities tend to settle on one project, and nothing or noone ever seriously competes with it
It actually looks like OSS settles on exactly two of each project: Linux + BSD, KDE + Gnome, Perl + Python, etc. Does anybody have a theory why? It seems to me there is a distinct trend towared two of everything, rather than one or more than 2.
My guess is that it would go to the delete page without asking the question. However an intelligent one may be able to detect that it is too complex, and go to a page saying "it's trying to execute this javascript and here are my guesses as to the URL's it's trying to open "
If you want to hide where the antiaircraft batteries are, try painting out the roofs of a *lot* of buildings in the area, not just the ones with batteries. Or carefully photoshop in a roof on the building with the real battery and do obvious paint jobs on unrelated buildings. Then again, maybe they did this already.
Is Google maps doing the roads in Europe yet? (sorry on Safari, I can't check). Last time I looked it was US only.
So you are against copyrights, huh?