Rather, it's copyright with a clause to prevent you holding exclusive copyright.
What you're talking about here is "public domain" or, basically, abandoning ownership (or "right") to the public. In that case, everyone has non-exclusive ownership of the item in question.
I think the clearest way to demonstrate the difference is in discussing re-licensing. Stary touched on this earlier, but I'd like to drive the point home a bit further.
If I release code, I can license it any way I feel fit. I can license it under the GPL. I can license it under a more restrictive license. I can license it under a number of concurent licenses (see Perl). I can license it under the GPL, then later re-license it under a different license (see SSH).
If I take GPL code, thus accepting the GPL license, I can not then release it under another license. I do not own the code, I do not own the copyright.
If, however, the origional author of GPLed code gave or sold me the rights to a project, I then am the new copyright holder and am free to license it any way I feel fit (again - see SSH for an example). But this is a very different act than providing someone a copy of the code under the GPL license.
If you GPL something, you can still sell the code to someone under a non-exclusive license, but you cannot transfer exclusive ownership in the way the settlement appears to have done.
You most certainly can. I can generate a piece of code and then license it under any number of concurent licenses and basically say "take your pick" - check out Perl. I can also develop an app, GPL it... and then later sell it to a comercial interest who, being the new owners, license it to their own satisfaction. This does not negate the GPL licensed code that already exists. And even if it potentially locks away code from future official revisions, it doesn't stop someone from forking the code at the last GPL license and improving it from that point on. Check out SSH and OpenSSH for an example of that.
What we're loosing sight of here is exactly what ownership is. You don't have to have ownership to use / distribute something. Consider commercial software (that allows you use but not distribution) and shareware (that allows you limited use until you pay a fee and often unlimited distribution). In neither case do you own the copyright to the software - but you are licensed to perform various actions with it.
Matel obviously wanted ownership to "kill" the offending code. But the GPL is a very different kind of license; in effect, it disables this legal tactic. I'm sure Matel's lawyers weren't expecting such a hack to be licensed, much less under such a non-standard license as the GPL.
Of course, Matel's ownership of this code is not without value. They can feel free to re-license it and develop closed improvements to it under that new license. They can lock up a niche market.
Every time I hear Stallman talking about freedom, I wonder if he really understands what it means. If I download a piece of GPLed code, I am not allowed to change it, compile it and give away only binaries. Where is the freedom in that?
Every time I hear this argument, I wonder if people really understand the concept of the GPL.
Want absolute, unarguable, 100% philosophically pure freedom? Release your work to the Public Domain. Why bother with licenses at all? After all, a license is just some kind of restriction.
The system that exists to protect intellectual property, I'm sure, has a noble intent. However, we've seen it abused by business types with the morals of your favorite voracious predator. These people have no appreciation for the hack; they make no considerations towards technical improvement. All they want is financial gain and this is often achieved by hording knowledge. Progress suffers because of this attitude.
The GPL is a hack of the whole license system. It uses the license to, in effect, eliminate a lot of the abuse that licensing allows. But by its very definition, such a license will involve some kind of limitations on what one can do.
It'd be nice if we could live within an environment that allowed total freedom. But history has proven that such anarchy ends up with the rule being "might is right". We all know Corporate might has almost forced this rule into being again. We hardly need to strengthen this situation with a call for a return to anarchy.
It's trivial to hide stuff like tfn in plain sight in the 'nix-es - simple patches to who, ps, top, syslogd, etc.. and I'm done.. but I've yet to figure out how to patch g-d taskmgr and pview (or the new g-d sfp stuff).. To say nothin 'bout the old capture login & password scripts for enticing the unwary 'nix admin.. or peering into pgp-s process space..
Nice fear tactics. Spook the horses. Have a chuckle.
Of course, much of the same points made here can be made about closed flavors of Unix and even WinNT. Our dear Joe Friday may not have figured out how to do it... but NT utilities can be trojaned. Eeye gave an interesting demonstration at toorcon doing just that.
Closed source... obsurity... does not provide security.
I'm not about to start arguing the virtues of non-open source software; I do like and use open source software every day. But when I first started using it, I really thought it was absurd that anyone took software so seriously as to think there should be this whole philosophy surrounding it. I mean, it's just software. It's a tool. And having a philosophy about it is like having a philosophy about a screwdriver. (I know I'm going to get attacked for that)
You've summoned a theme that shows up occasionally in Slashdot discussions where two OS' are compared. The theme can be summarized as "An Operating System is a tool. How can you be passionate about a tool?"
I can only guess that those who ask this question are not craftsmen, nor have they spent time around one.
To a layman, a tool is a tool. A cheap, shoddy screwdriver does as good a job as a well-crafted expensive one. Heck... a hammer might do as well.
But the right tool means much more to a craftsman. A craftsman has a much better understanding of their work than a layman and is therefore capable of doing a lot more; assuming they have the right tools. Good tools might enable a craftsman to get a particular job done faster. They might enable the craftsman to do better quality work. Or they may be the requirement the craftsman needs to be able to do the work to begin with. Take away his tools and a craftsman's work suffers. It is therefore not surprising a craftsman can be very particular about their tools. They may even be passionate about them.
This idea is universal. You can apply it to any situation where a tool is used by skilled hands.
I drive my car to work daily and think little more of it. I even occasionally manage to get regular maintenance done on time. For me, the car is a practical tool I use to get around in. A friend of mine spent almost every weekend tweaking his car. And it showed. His car performed much better than mine ever had. It was even apparent when he offered to work a bit on my car. He was passionate about cars. I wasn't. But I knew if I needed help with my car, I could turn to him (and he had a heck of a tool box too).
When I started playing paintball, I did fine with a rental paintgun. But as I played the sport more and my proficiency increased, I bought my own. It was a better quality model than the rentals. And I would tweak it. I customized parts. I kept up on all the latest info on getting the most performance out of my gun. You'd almost think the sport itself was all about building paintguns. But ultimately, it was how you performed on the field. Having a paintgun that performed just the way I wanted it to without fail was vital to that peformance.
So what about the IT world?
Whether we administer networks and the systems that make them, or develop applications and operating systems... we are all craftsman. We have a level of skill that exceeds the layman. We know the differences between various operating systems and applications. We know the intricacies of using those tools. Performing our craft is much easier when we have access to well-made tools that provide the power that we need to do our work and that we are familiar with. Without those tools, our work suffers. Why shouldn't we be passionate about them?
Look at the rapid increase in problems with Quake bots after source was released.
The release of the Quake source code, and the subsequent increase in cheating within that environment, has been invoked as proof of the failure of Open Source security a few times now. While this event did provide a few valuable lessons in designing a secure environment, the conclusion of Open Source's failure (and the subsequent strength of obscurity) misses the point.
First and foremost, it has to be mentioned that Quake has a very poor security model. It relies heavily on client-side security. Quake isn't alone in using this model; however, it provides countless ways to attack the integrity of the environment. To id's credit, there are some very important performance reasons this model was adopted (search for Carmak's Slashdot posting on this topic). Nevertheless, we have a design that is wide open to attack.
Closed source obscurity did not protect Quake. It sometimes sounds like Quake's cheating woes didn't begin until the release of the Quake source. Untrue. While Quake was a closed source product, various ways to cheat existed (proxies, hacked maps, hacked models, etc.) It wasn't as wide-spread and blatant as it is now, but cheating was hardly uncommon.
Open Source changed the environment. By releasing the source code, Carmak allowed the world to see exactly how insecure the Quake environment was. Blatent cheats (ie: speed cheat) appeared. Cheats became more widespread as more people had access to them. It would be ignorant to claim that the Quake community hasn't suffered because of this. And many blame Open Source and the GPL.
But blaming Open Source, and claiming the widespread cheating is an example of how Open Source can't be secure, is also just as ignorant. Quake itself is to blame. Its security model needs a complete overhaul. Open Source developers have a chance to shine. Their challenge is to do that overhaul - make Quake playable and secure. As Carmak has noted, its no easy task.
Whether Open Source developers are able to "fix" Quake or not... there will be one thing for certain. We will all know how secure Quake is. Before, only a select few knew of its weaknesses. And some of those select few used their rare knowledge to exploit the environment without public awareness.
An interesting side note to all this... I visited a Quake cheating web site the other day. It seems that they pulled a bunch of the cheats since they violated the GPL (no source code available).
In the interest of credit where its due - its interesting to see a mass-appeal author publish direct to an electronic format. But shortly after that first nod, we find a slew of questions... what format is it? What platform can I read it on?
Although it is a different situation... I would give O'Reilly more credit for pushing forward electronic publishing than the current King release. The CD Bookshelf series (covering subjects from Unix to Networking to Oracle/SQL) is a collection of O'Reilly technical books on a subject all bundled on a single CD. With example code. A search engine. And its HTML.
Yes... HTML.
No special OS-specific readers; no additional software. Fire up your favorite browser and go. Yes. Even Lynx. Want to search your collection? The search engine is JAVA. A little more involved in some cases, but still quite cross-platform.
Of course, the great thing about this collection is the ability to get at a large amount of data quickly, efficiently, and easily. Carry it with you. Load it up on your laptop. Mount it in your home system and SSH in to run lynx or w3m and browse. But there's another portability issue that O'Reilly's bold move to HMTL provides that other e-book proprietary formats do not.
You can access the data you paid for in any way that's usefull to you.
People have already pointed out they're not about to get comfy in front of their PC to enjoy a book. And its not likely to happen with a bulky laptop. I've found my Palmpilot makes a very functional platform for comfortable reading (others have complained about the size of the text - YMMV). Ahh! But I don't want to cram one of those large HTML browsers and the HTML file in to my limited Pilot's memory. No problem. A quick HTML to DOC conversion and I've got a few select chapters ready for handy reference away from a network or to study in the comfort of my living room chair.
I mentioned that O'Reilly has made a bold move. Their choice in a very functional, but technically unprotected, file system is an interesting one. Hasn't their use of an easy-to-copy format opened them to piracy? I've asked the question of Tim O'Reilly himself in more than one forum. No answer. But you'll note that they have continued to update and expand their CD Bookshelf offerings. Perhapse they know something that remains a mystery to even the publishers of Steven King.
I don't have to pay for your T-shirt if i don't want it. Just like spam.
You've missed the point.
When you get spam, you've paid for it. You've spent time to download and delete the messages. The transfer of that data has been paid for by the ISPs, backbone providers, unwiting relay hosts, and in some cases, you the receiving party.
In fact, the only person who HASN'T paid for that message is the person who sent it.
Well it is. Just like junk mail is in the mailbox. Part of the price for freedom of expression - that includes being subjected to the expression of others.
Standing on a bench in a public park giving a speech is freedom of expression. Standing on the patio furninture in your back yard giving a speech is trespassing. The later is illegal.
I think that was one reason that Star Trek had such a stronger impact in its original version. The created tech had more room to be plausable. Now that science has caught up so much, the Trek franchise is caught in the dilema of abandoning its previous 'tech' or start breaking rules that current science is beginning to establish.
At the risk of wandering off-topic, I'd like to look a little closer at this point. I think you've managed to make a very good observation on Mission to Mars, yet have missed the point with Star Trek.
I stumbled on an interesting book on the Origional Star Trek series (published sometime before '84). It was full of facinating stories and interviews with people involved with the series. The tone is set with the discussion of Gene Roddenberry's desire to do SciFi differently in an era where "SciFi" meant bugeyed rubber monsters.
Some of the interesting stories are where Gene got his ideas. Many came from discussions with NASA researchers. The Enterprise design. Ion drives. Transfering energy from one form to another (transporters).
Other stories come from the public's reaction. One company had called the studio demanding to know who the information leak was. Seems they were working on a top-secret product and it had shown up on an episode of Star Trek. Diagnostic medical beds; the idea had made sense at the time. The fact that someone was already working on making the idea a reality was a coincidence. Another medical musing was the discussions Deforest Kelly (Bones) had with real doctors over his medical equipment. They were quite impressed with the concepts the show used, if not disappointed to find out the actual "instraments" were salt shakers.
The show was making up its own physics as it went along. Sometimes some scientific concept would make it in to a show. Sometimes an arbitrary decision was made that later became a rule (the Vulcan nerve pinch). But once a rule was made, it was followed. Walter Coenig (Checkov) once got in to an argument with a guest director over the layout of his station's instrament pannel. The director wanted him to flick some switches. Walter refused on account that activating those particular switches would destroy the ship.
Star Trek wasn't perfect (I'm sure a greater Trek fan than myself could list its faults by heart). Its views have, in many ways, become dated. But at the time of its creation, it was unique in the amount of science and detail it involved.
The lessons of the Origional Star Trek has been lost on the new Star Trek offerings. In some cases, they have the story right. They have characters. But the science is nothing more than a writer's note of "(techno babble)" to be filled in with a string of Trek buzzwords as an afterthought. No reasearch. No theory. There is no science. Instead, it is CGI induced fantasy. And merchandise.
But we still love Star Trek. We still enjoy the latest episode even if it involves a sudden resolution involving Tachyon particles. We know its fantasy. And we're willing to buy it.
I think this is the failing of Mission to Mars. Star Trek's new writers are comfortable in their science fantasy world. They make no claims to their science heritage. However, the makers of Mission have a different claim. They claim true science. They boast, "it is realistic and extremely authentic."
But its not.
It is fantasy. The science is along just for the ride. And merchandising.
A heavy-lift booster in this class could throw a pretty good-sized payload to Mars for a "Mars Direct" type of manned mission.
It would seem that conventional chemical reaction engines will be used to push hardware in to space. However, once there, other technology will probably take over.
I believe real tactics make for a poor movie. This recent eposide proves this as their players make the same tactical mistakes so many other movies fall in to.
The opening scene within the game seemed right. You could almost feel the tension and adrenaline gripping the players as they get ready to go. They bounce back and forth.
Chomp at the bit.
Buzzer. Gate. Violence unleashed...
And all the players run to the same bunker. "Newbie cluster!" my wife yells. She doesn't play FPS games. But she does play paintball. In either case, it makes everyone one big massive target. I suppose it also makes it easier to get the camera angles right. Better make the scene quick.
The next thing we prove is that Hollywood can not produce a bad guy who can aim. Even if they program them. Our 3 players in the opening scene run forth into a gauntlet of machine-gun toating bad guys who have the advantage of cover, angle, and height. Our heros' guns blaze and take out Bad Guys left and right. Granted, one of the players gets hit. He probably shot himself.
Savor this moment. Other than the shapely Laura-in-leather killer AI, this is the end of the action within the FPS environment.
The rest of the "action" scenes involve our heros standing still and wiggling around a bit as they squeeze a trigger. "Wow! Look at her go!" admires an onlooker as Scully mows down the bad guys. Yea. She's skillfull with that trigger squeeze.
I find myself yelling "Straffe, damn you! Straffe!"
Once again, I suspect its so much easier to shoot a scene involving a solitary figure waving a gun around. Interject a bit of reality, and the majority tail end of the scene is our hero's gibs.
I suppose its silly of me to complain. I should be happy with what they seem to think is action. Next thing you know, I'll be demanding something that can be identified as a story-line and plot.
Was it just me, or did the whole thing come off as a direct ripoff of the "Holodeck gone wrong" episodes from ST:TNG?
Oddly enough, I think the Star Trek franchise's ongoing holodeck-goes-wrong plot device is pulled off better than this X-Files episode.
And yes... I find that statement scarry. I tend to suspect the holodeck is the writer's biggest copout right behind solving the current deleamma with tachyon particles/field.
Do you ever think why are so many MCSEs needed? Because to administer an NT network you need a lot of silly NT admins that will run around silly NT boxes that need to be rebooted or administered. NetWare does not need that, hence the little number of CNEs around.
Interesting. By this account, there are only so many CNE available because its an admin's dream job. Apparently, the shrinking install base of Novell and the desire for clueless HR to see the latest alphabet string on a resume plays no part in this.
My experience is completely different.
In our environment, Novell is a dinosaur. To its credit, the old install base of Novell servers are performing their jobs admirably. But they're being replaced by NT. And the admins know it. They can't wait to get pulled from the Novell pool and get their MCSE. One admin I talked to was rather bitter about being held in an "unmarketable" position by the company.
Technical merrit need not apply to this conversation. Certification is as much about marketing as technical issues (be it the base technology or the individuals involved). And true to form, Microsoft has positioned themselves (and their certifications) into a much nicer position than Novell.
One final comment...
If the generalizations expressed in this post were slighting Linux, it would have been labled a troll. And to think we feel cheated by other's FUD.
SSH 1.2.x only links against RSAREF if you tell it to. This is only an issue for places where the RSA patent is valid (which, by the way, expires in September of this year).
No good deed goes unpunnished.
Those who actually tried to stay within a quasi-legal standing in compiling SSH1 with RSAREF ended up with an insecure implementation. The thing to consider here is... did it buy them much? There is still some question whether using RSAREF actually allows one to avoid licensing issues. I wouldn't be suprised to find more installations of SSH1 today compiled by admins who got fed up with the whole situation.
As a side note, admins working for the US Government have no need to worry about RSA licenses. The US Gov't has an open license to RSA since Government money was used in developing RSA at MIT.
Since the VA buyout, Katz is posting pure crap!!! Entertainment stories and fluff-pieces seem to get priority over News For Nerds! WHY?
Ya know... Katz has been posting pure crap way before VA came in to the picture. And I believe the "News for Nerds" mantra has been invoked to critique entries well before the Andover deal was announced.
You may not like Katz. You may not like some of the subjects that show up. But invoking the Corporate Conspiracy is a bit much. Save it for when there really IS evidence of marketing manipulation.
The keyspace is only 2^56 in size - the same size as RC5-56. Remember, that algorithm that distributed.net killed a year or so ago?
The DeCCS legal proceedings are already hammering home a very important point - it doesn't have to be GOOD encryption to be EFFECTIVE encryption.
A small group of people will always have access to whatever data is out there no matter what its protection system is. I believe the industries made up of IP holdings already understand and quietly acknoledge this.
What they don't want is the masses to have that same access. The masses generally can't do it themselves and require those select individuals to provide them with tools. To get those tools out to the masses, the tool-makers require distribution channels that are open to the public (be it commercial in nature or not).
It all comes togeather with the DMCA. Bad encryption or not, the DMCA makes it a crime to circumvent copy protection mechanisms. Under the threat of legal action, there goes your public distribution channel. Bad encryption has done its intended job.
One might argue that DeCCS is under scrutany and no matter what its final legal standing ends up being - its still out there. You can get copies of it. Genie is out of the bottle and there's no putting it back. Which is true. The Code is Out There.
But developers will have to avoid using illeagal code. If its illeagal, "products" (again - commercial or not) can not be based off of it. If they are, they become the tools of an underground subset.
Once again, bad encryption has kept data out of then hands of the masses. Its done its job.
Just because you can, doesn't mean you should. I've never bought this idea that security problems need to be "demonstrated". I don't understand the mentality that thinks that breaking into someone's property is the best way to help them feel safe. (Note: Minor topic drift
You are completely correct. Demonstrating a security breach does not make someone feel safe. That's the point.
I mentioned earlier that motivation often comes in the form of money and embarassment. What drives those motivations home is fear.
People don't change things because they feel comfortable. Someone who grasps a situation may feel a bit of fear just KNOWING something is possible and that alone will motivate them to fix the situation. However, quite often officials do not grasp the situation and must have the severity of that situation demonstrated to them.
Seeing is believing. Spook the horses.
I've been in more than a few situations where some generation of fear was required to get the Right Thing done. And I'll likely do it again.
As any Star Wars fan will gladly tell you - Fear leads to the Dark Side. You can over do the fear factor. You can quickly cross from a practical demonstration of risk to out right fear-mongering. One should always be on guard against such excess.
Again, it would be nice if we were in a perfect world where simply pointing out a deficency was enough to have it corrected. But the Real World is not wired that way. To get things done, sometimes you have to push buttons; you have to present a motivating factor. Fear is one of those.
Jeez, give the guy some credit. He had to really think on his feet. I sincerely doubt he really thought it would work when he typed/nick President_Clinton, much less that they'd auto +v him.
True... I may have sounded more harsh than I intended. You'll note I went on to say...
(and I admit I did get a chuckle out of the whole situation)
Any criticism on my part was to seperate this individual event from some of the great hacks from history that I alluded to. I found this event amusing and well handled. But it wasn't one of the classic hacks. And there's no crime in that.
Good work, genius. Why didn't you drop an email to CNN's people, letting them know about this problem?
Of course not, because that wouldn't give you a chance to put up a "Look how cool I am!" web page.
Heck, the guy practically praises the event at the beginning of the article, calling it "a reasonable attempt to integrate two media".
So, if it was so reasonable, why did you feel the need to screw around with it?
The ugly truth to large organizations is that they act on very specific motivators. Quite often the motivator involves money - either how to make it, or how to avoid spending too much of it. Other times, it involves a more political motivation. One such motivation is embarrassment.
If these organizations were motivated by what I'm sure many Slashdot readers would consider more noble motivations such as doing the technically Right Thing... then a simple email may have sufficed. However, for one reason or another, the history of computing is full of examples where such warnings go unheeded. That same history is also full of examples where a technical prank that was humorous, intelligent, and most importantly non-damaging was played to embarrass authorities into correcting a technically hazardous situation. This is the true legacy of the technical prank sometimes included in the definition of a "hack".
Whether this particular prank was intelligent could be up for debate. I believe that calling for "more porn" is hardly original. But then, that's probably as much to do with one's taste in humor as well intelligence (and I admit I did get a chuckle out of the whole situation). But the prank did no damage. It has caused a reasonable amount of embarrassment for CNN. And you can bet that CNN will be doing something to their environment to ensure this kind of situation does not happen again.
my point remains: DeCSS CAN BE(and indeed IS) used for copying DVD content.
That's a valid point. And it seems to be the angle the MPAA likes to push: DeCCS copies intellectual property.
The MPAA, and their bretheren media industry organizations, hate that.
They also hate "fair use". They've taken the issue to court. They lost.
There have been legal precidents set that support the copying of intellectual property for personal use AND the movement of this property from one media to another.
Distributing illegal copies of intellectual property is a different matter. The fact that DeCCS may aid in this is a moot point.
From the Betamax case (US Supreme Court, 1984, Sony Corporation v. Universal City Studios):
The sale of copying equipment, like the sale of other articles of commerce, does not constitute contributory infringement if the product is widely used for legitimate, unobjectionable purposes. Indeed, it need merely be capable of substantial noninfringing uses.
At first glance, this may not seem like much of a big deal. After all, Linux support is but one of many requirements for JSC's next laptop purchase. But if you know a little bit about the IT history of JSC, you'll see this is a very favorable nod to Linux.
JSC has been the site of an IT jihad. In 1996, the head honcho of IT at JSC made a push to "standardize" the IT environment. His decision was to ignore the advice to use standardized, cross-platform file formats and instead make JSC a Microsoft shop. This put the large userbase of Macs directly in the line of fire and they fought back. It became a long, drawn out political fight between JSC officials, the Inspector General, and Congress. In the end, nobody completely won. But Microsoft technology made some major leaps forward in seizing control of JSC's IT infrastructure.
Like with many other large organizations, JSC today is very much a Microsoft shop. It is a prime test center (read: Microsoft partner) for various MS offerings to include Exchange, SMS, and Win2K. But Microsoft does not hold all of JSC. Macs have made a comeback. Various Unix flavors exist to include Solaris, HPUX, AIX, IRIX... to name a few. VMS has always been in the shadows. And Linux is sprouting up.
Linux shows up as "testbeds" in various organizations. It runs tasks as rogue installations (desktops as well as servers). And one organization has even created their own dual-boot Windows/Linux standard desktop load. Furthermore, the ODIN IT contract has received requests from JSC "customers" for a Linux load.
And now JSC's contracting office has set Linux as one of its requirements for future hardware purchases.
JSC has followed the pattern so many other organizations have followed. Linux has gone from an obscure user-supported rogue installation to an official, sponsored requirement. The fact that this was done in spite of the direction of internal political pressure and the natural tendancy of these kinds of large organizations to resist change is a tribute to Linux.
That we had the balls to come to New York should also not be in dispute.
"There is a fine line between bravery and foolhardiness."
In an environment where businesses are working hard to build a unique business model and at the same time earn the respect of the community that they depend on... LinuxOne has done nothing to earn any simular respect. A foolish publicity stunt does not change that. LinuxOne charged across that fine line. Pointing that fact out just makes the act more foolish.
And, when we succed in our re-engineering and overhaul of our practices we'll expect the same level of coverage of that too.
The sad thing is that Linux - its legal workings, its code, and its community - is freely available online. There is no veil of secrecy. The legal requirements and the expectations of Linux's community are available for the reading; mirrored in many cases. It just takes someone with the vested interest in Linux to look and read.
That this minor research hasn't been done already is disturbing. Surely the effort it took too find Linux code would have exposed LinuxOne to its community and, even more blatent, its legal language? The cynical amoung us would point out that, given the simplicity of the task, the information found was most likely ignored. You'll forgive me if I find myself affected by these cynics and doubt the need to cover any future "overhaul of [your] practices".
These things are acts of war against the people of the United States, and it is certainly within the obligations of our government (as outlined in the Constitution) to defend against them. Therefore, what you're calling "censorship" is nothing of the kind. It's just a common-sense attempt to protect our nation from its enemies.
I think the clearest way to demonstrate the difference is in discussing re-licensing. Stary touched on this earlier, but I'd like to drive the point home a bit further.
If I release code, I can license it any way I feel fit. I can license it under the GPL. I can license it under a more restrictive license. I can license it under a number of concurent licenses (see Perl). I can license it under the GPL, then later re-license it under a different license (see SSH).
If I take GPL code, thus accepting the GPL license, I can not then release it under another license. I do not own the code, I do not own the copyright.
If, however, the origional author of GPLed code gave or sold me the rights to a project, I then am the new copyright holder and am free to license it any way I feel fit (again - see SSH for an example). But this is a very different act than providing someone a copy of the code under the GPL license.
What we're loosing sight of here is exactly what ownership is. You don't have to have ownership to use / distribute something. Consider commercial software (that allows you use but not distribution) and shareware (that allows you limited use until you pay a fee and often unlimited distribution). In neither case do you own the copyright to the software - but you are licensed to perform various actions with it.
Matel obviously wanted ownership to "kill" the offending code. But the GPL is a very different kind of license; in effect, it disables this legal tactic. I'm sure Matel's lawyers weren't expecting such a hack to be licensed, much less under such a non-standard license as the GPL.
Of course, Matel's ownership of this code is not without value. They can feel free to re-license it and develop closed improvements to it under that new license. They can lock up a niche market.
That is... until OpenCPHack comes along.
Want absolute, unarguable, 100% philosophically pure freedom? Release your work to the Public Domain. Why bother with licenses at all? After all, a license is just some kind of restriction.
The system that exists to protect intellectual property, I'm sure, has a noble intent. However, we've seen it abused by business types with the morals of your favorite voracious predator. These people have no appreciation for the hack; they make no considerations towards technical improvement. All they want is financial gain and this is often achieved by hording knowledge. Progress suffers because of this attitude.
The GPL is a hack of the whole license system. It uses the license to, in effect, eliminate a lot of the abuse that licensing allows. But by its very definition, such a license will involve some kind of limitations on what one can do.
It'd be nice if we could live within an environment that allowed total freedom. But history has proven that such anarchy ends up with the rule being "might is right". We all know Corporate might has almost forced this rule into being again. We hardly need to strengthen this situation with a call for a return to anarchy.
Of course, much of the same points made here can be made about closed flavors of Unix and even WinNT. Our dear Joe Friday may not have figured out how to do it... but NT utilities can be trojaned. Eeye gave an interesting demonstration at toorcon doing just that.
Closed source... obsurity... does not provide security.
I can only guess that those who ask this question are not craftsmen, nor have they spent time around one.
To a layman, a tool is a tool. A cheap, shoddy screwdriver does as good a job as a well-crafted expensive one. Heck... a hammer might do as well.
But the right tool means much more to a craftsman. A craftsman has a much better understanding of their work than a layman and is therefore capable of doing a lot more; assuming they have the right tools. Good tools might enable a craftsman to get a particular job done faster. They might enable the craftsman to do better quality work. Or they may be the requirement the craftsman needs to be able to do the work to begin with. Take away his tools and a craftsman's work suffers. It is therefore not surprising a craftsman can be very particular about their tools. They may even be passionate about them.
This idea is universal. You can apply it to any situation where a tool is used by skilled hands.
I drive my car to work daily and think little more of it. I even occasionally manage to get regular maintenance done on time. For me, the car is a practical tool I use to get around in. A friend of mine spent almost every weekend tweaking his car. And it showed. His car performed much better than mine ever had. It was even apparent when he offered to work a bit on my car. He was passionate about cars. I wasn't. But I knew if I needed help with my car, I could turn to him (and he had a heck of a tool box too).
When I started playing paintball, I did fine with a rental paintgun. But as I played the sport more and my proficiency increased, I bought my own. It was a better quality model than the rentals. And I would tweak it. I customized parts. I kept up on all the latest info on getting the most performance out of my gun. You'd almost think the sport itself was all about building paintguns. But ultimately, it was how you performed on the field. Having a paintgun that performed just the way I wanted it to without fail was vital to that peformance.
So what about the IT world?
Whether we administer networks and the systems that make them, or develop applications and operating systems... we are all craftsman. We have a level of skill that exceeds the layman. We know the differences between various operating systems and applications. We know the intricacies of using those tools. Performing our craft is much easier when we have access to well-made tools that provide the power that we need to do our work and that we are familiar with. Without those tools, our work suffers. Why shouldn't we be passionate about them?
First and foremost, it has to be mentioned that Quake has a very poor security model. It relies heavily on client-side security. Quake isn't alone in using this model; however, it provides countless ways to attack the integrity of the environment. To id's credit, there are some very important performance reasons this model was adopted (search for Carmak's Slashdot posting on this topic). Nevertheless, we have a design that is wide open to attack.
Closed source obscurity did not protect Quake. It sometimes sounds like Quake's cheating woes didn't begin until the release of the Quake source. Untrue. While Quake was a closed source product, various ways to cheat existed (proxies, hacked maps, hacked models, etc.) It wasn't as wide-spread and blatant as it is now, but cheating was hardly uncommon.
Open Source changed the environment. By releasing the source code, Carmak allowed the world to see exactly how insecure the Quake environment was. Blatent cheats (ie: speed cheat) appeared. Cheats became more widespread as more people had access to them. It would be ignorant to claim that the Quake community hasn't suffered because of this. And many blame Open Source and the GPL.
But blaming Open Source, and claiming the widespread cheating is an example of how Open Source can't be secure, is also just as ignorant. Quake itself is to blame. Its security model needs a complete overhaul. Open Source developers have a chance to shine. Their challenge is to do that overhaul - make Quake playable and secure. As Carmak has noted, its no easy task.
Whether Open Source developers are able to "fix" Quake or not... there will be one thing for certain. We will all know how secure Quake is. Before, only a select few knew of its weaknesses. And some of those select few used their rare knowledge to exploit the environment without public awareness.
An interesting side note to all this... I visited a Quake cheating web site the other day. It seems that they pulled a bunch of the cheats since they violated the GPL (no source code available).
Although it is a different situation... I would give O'Reilly more credit for pushing forward electronic publishing than the current King release. The CD Bookshelf series (covering subjects from Unix to Networking to Oracle/SQL) is a collection of O'Reilly technical books on a subject all bundled on a single CD. With example code. A search engine. And its HTML.
Yes... HTML.
No special OS-specific readers; no additional software. Fire up your favorite browser and go. Yes. Even Lynx. Want to search your collection? The search engine is JAVA. A little more involved in some cases, but still quite cross-platform.
Of course, the great thing about this collection is the ability to get at a large amount of data quickly, efficiently, and easily. Carry it with you. Load it up on your laptop. Mount it in your home system and SSH in to run lynx or w3m and browse. But there's another portability issue that O'Reilly's bold move to HMTL provides that other e-book proprietary formats do not.
You can access the data you paid for in any way that's usefull to you.
People have already pointed out they're not about to get comfy in front of their PC to enjoy a book. And its not likely to happen with a bulky laptop. I've found my Palmpilot makes a very functional platform for comfortable reading (others have complained about the size of the text - YMMV). Ahh! But I don't want to cram one of those large HTML browsers and the HTML file in to my limited Pilot's memory. No problem. A quick HTML to DOC conversion and I've got a few select chapters ready for handy reference away from a network or to study in the comfort of my living room chair.
I mentioned that O'Reilly has made a bold move. Their choice in a very functional, but technically unprotected, file system is an interesting one. Hasn't their use of an easy-to-copy format opened them to piracy? I've asked the question of Tim O'Reilly himself in more than one forum. No answer. But you'll note that they have continued to update and expand their CD Bookshelf offerings. Perhapse they know something that remains a mystery to even the publishers of Steven King.
When you get spam, you've paid for it. You've spent time to download and delete the messages. The transfer of that data has been paid for by the ISPs, backbone providers, unwiting relay hosts, and in some cases, you the receiving party.
In fact, the only person who HASN'T paid for that message is the person who sent it.
I stumbled on an interesting book on the Origional Star Trek series (published sometime before '84). It was full of facinating stories and interviews with people involved with the series. The tone is set with the discussion of Gene Roddenberry's desire to do SciFi differently in an era where "SciFi" meant bugeyed rubber monsters.
Some of the interesting stories are where Gene got his ideas. Many came from discussions with NASA researchers. The Enterprise design. Ion drives. Transfering energy from one form to another (transporters).
Other stories come from the public's reaction. One company had called the studio demanding to know who the information leak was. Seems they were working on a top-secret product and it had shown up on an episode of Star Trek. Diagnostic medical beds; the idea had made sense at the time. The fact that someone was already working on making the idea a reality was a coincidence. Another medical musing was the discussions Deforest Kelly (Bones) had with real doctors over his medical equipment. They were quite impressed with the concepts the show used, if not disappointed to find out the actual "instraments" were salt shakers.
The show was making up its own physics as it went along. Sometimes some scientific concept would make it in to a show. Sometimes an arbitrary decision was made that later became a rule (the Vulcan nerve pinch). But once a rule was made, it was followed. Walter Coenig (Checkov) once got in to an argument with a guest director over the layout of his station's instrament pannel. The director wanted him to flick some switches. Walter refused on account that activating those particular switches would destroy the ship.
Star Trek wasn't perfect (I'm sure a greater Trek fan than myself could list its faults by heart). Its views have, in many ways, become dated. But at the time of its creation, it was unique in the amount of science and detail it involved.
The lessons of the Origional Star Trek has been lost on the new Star Trek offerings. In some cases, they have the story right. They have characters. But the science is nothing more than a writer's note of "(techno babble)" to be filled in with a string of Trek buzzwords as an afterthought. No reasearch. No theory. There is no science. Instead, it is CGI induced fantasy. And merchandise.
But we still love Star Trek. We still enjoy the latest episode even if it involves a sudden resolution involving Tachyon particles. We know its fantasy. And we're willing to buy it.
I think this is the failing of Mission to Mars. Star Trek's new writers are comfortable in their science fantasy world. They make no claims to their science heritage. However, the makers of Mission have a different claim. They claim true science. They boast, "it is realistic and extremely authentic."
But its not.
It is fantasy. The science is along just for the ride. And merchandising.
They didn't "loose" the tanks. The tanks were placed in an extreemly low geosyncronous orbit in advance of final component assembly.
One such technology being worked on right now is plasma engines. A proposed 2002 mission that would test this type of engine is mentioned at http://www.qu est.arc.nasa.gov/space/team/journals/petro/01-29-9 9.html. Also mentioned is an ion engine. A bit more about the plasma (or RF) engine can be found at http://www.ornl.gov/orcmt/success/rf- eng.html.
I've heard engineers at NASA refer to the plasma engine as the engine that'll take us to Mars.
The opening scene within the game seemed right. You could almost feel the tension and adrenaline gripping the players as they get ready to go. They bounce back and forth.
Chomp at the bit.
Buzzer. Gate. Violence unleashed...
And all the players run to the same bunker. "Newbie cluster!" my wife yells. She doesn't play FPS games. But she does play paintball. In either case, it makes everyone one big massive target. I suppose it also makes it easier to get the camera angles right. Better make the scene quick.
The next thing we prove is that Hollywood can not produce a bad guy who can aim. Even if they program them. Our 3 players in the opening scene run forth into a gauntlet of machine-gun toating bad guys who have the advantage of cover, angle, and height. Our heros' guns blaze and take out Bad Guys left and right. Granted, one of the players gets hit. He probably shot himself.
Savor this moment. Other than the shapely Laura-in-leather killer AI, this is the end of the action within the FPS environment.
The rest of the "action" scenes involve our heros standing still and wiggling around a bit as they squeeze a trigger. "Wow! Look at her go!" admires an onlooker as Scully mows down the bad guys. Yea. She's skillfull with that trigger squeeze.
I find myself yelling "Straffe, damn you! Straffe!"
Once again, I suspect its so much easier to shoot a scene involving a solitary figure waving a gun around. Interject a bit of reality, and the majority tail end of the scene is our hero's gibs.
I suppose its silly of me to complain. I should be happy with what they seem to think is action. Next thing you know, I'll be demanding something that can be identified as a story-line and plot.
None of it was found in this XFiles episode.
And yes... I find that statement scarry. I tend to suspect the holodeck is the writer's biggest copout right behind solving the current deleamma with tachyon particles/field.
My experience is completely different.
In our environment, Novell is a dinosaur. To its credit, the old install base of Novell servers are performing their jobs admirably. But they're being replaced by NT. And the admins know it. They can't wait to get pulled from the Novell pool and get their MCSE. One admin I talked to was rather bitter about being held in an "unmarketable" position by the company.
Technical merrit need not apply to this conversation. Certification is as much about marketing as technical issues (be it the base technology or the individuals involved). And true to form, Microsoft has positioned themselves (and their certifications) into a much nicer position than Novell.
One final comment...
If the generalizations expressed in this post were slighting Linux, it would have been labled a troll. And to think we feel cheated by other's FUD.
Those who actually tried to stay within a quasi-legal standing in compiling SSH1 with RSAREF ended up with an insecure implementation. The thing to consider here is... did it buy them much? There is still some question whether using RSAREF actually allows one to avoid licensing issues. I wouldn't be suprised to find more installations of SSH1 today compiled by admins who got fed up with the whole situation.
As a side note, admins working for the US Government have no need to worry about RSA licenses. The US Gov't has an open license to RSA since Government money was used in developing RSA at MIT.
You may not like Katz. You may not like some of the subjects that show up. But invoking the Corporate Conspiracy is a bit much. Save it for when there really IS evidence of marketing manipulation.
I mentioned earlier that motivation often comes in the form of money and embarassment. What drives those motivations home is fear.
People don't change things because they feel comfortable. Someone who grasps a situation may feel a bit of fear just KNOWING something is possible and that alone will motivate them to fix the situation. However, quite often officials do not grasp the situation and must have the severity of that situation demonstrated to them.
Seeing is believing. Spook the horses.
I've been in more than a few situations where some generation of fear was required to get the Right Thing done. And I'll likely do it again.
As any Star Wars fan will gladly tell you - Fear leads to the Dark Side. You can over do the fear factor. You can quickly cross from a practical demonstration of risk to out right fear-mongering. One should always be on guard against such excess.
Again, it would be nice if we were in a perfect world where simply pointing out a deficency was enough to have it corrected. But the Real World is not wired that way. To get things done, sometimes you have to push buttons; you have to present a motivating factor. Fear is one of those.
If these organizations were motivated by what I'm sure many Slashdot readers would consider more noble motivations such as doing the technically Right Thing... then a simple email may have sufficed. However, for one reason or another, the history of computing is full of examples where such warnings go unheeded. That same history is also full of examples where a technical prank that was humorous, intelligent, and most importantly non-damaging was played to embarrass authorities into correcting a technically hazardous situation. This is the true legacy of the technical prank sometimes included in the definition of a "hack".
Whether this particular prank was intelligent could be up for debate. I believe that calling for "more porn" is hardly original. But then, that's probably as much to do with one's taste in humor as well intelligence (and I admit I did get a chuckle out of the whole situation). But the prank did no damage. It has caused a reasonable amount of embarrassment for CNN. And you can bet that CNN will be doing something to their environment to ensure this kind of situation does not happen again.
The MPAA, and their bretheren media industry organizations, hate that.
They also hate "fair use". They've taken the issue to court. They lost.
There have been legal precidents set that support the copying of intellectual property for personal use AND the movement of this property from one media to another.
Distributing illegal copies of intellectual property is a different matter. The fact that DeCCS may aid in this is a moot point.
From the Betamax case (US Supreme Court, 1984, Sony Corporation v. Universal City Studios):
JSC has been the site of an IT jihad. In 1996, the head honcho of IT at JSC made a push to "standardize" the IT environment. His decision was to ignore the advice to use standardized, cross-platform file formats and instead make JSC a Microsoft shop. This put the large userbase of Macs directly in the line of fire and they fought back. It became a long, drawn out political fight between JSC officials, the Inspector General, and Congress. In the end, nobody completely won. But Microsoft technology made some major leaps forward in seizing control of JSC's IT infrastructure.
Like with many other large organizations, JSC today is very much a Microsoft shop. It is a prime test center (read: Microsoft partner) for various MS offerings to include Exchange, SMS, and Win2K. But Microsoft does not hold all of JSC. Macs have made a comeback. Various Unix flavors exist to include Solaris, HPUX, AIX, IRIX... to name a few. VMS has always been in the shadows. And Linux is sprouting up.
Linux shows up as "testbeds" in various organizations. It runs tasks as rogue installations (desktops as well as servers). And one organization has even created their own dual-boot Windows/Linux standard desktop load. Furthermore, the ODIN IT contract has received requests from JSC "customers" for a Linux load.
And now JSC's contracting office has set Linux as one of its requirements for future hardware purchases.
JSC has followed the pattern so many other organizations have followed. Linux has gone from an obscure user-supported rogue installation to an official, sponsored requirement. The fact that this was done in spite of the direction of internal political pressure and the natural tendancy of these kinds of large organizations to resist change is a tribute to Linux.
In an environment where businesses are working hard to build a unique business model and at the same time earn the respect of the community that they depend on... LinuxOne has done nothing to earn any simular respect. A foolish publicity stunt does not change that. LinuxOne charged across that fine line. Pointing that fact out just makes the act more foolish.
The sad thing is that Linux - its legal workings, its code, and its community - is freely available online. There is no veil of secrecy. The legal requirements and the expectations of Linux's community are available for the reading; mirrored in many cases. It just takes someone with the vested interest in Linux to look and read.That this minor research hasn't been done already is disturbing. Surely the effort it took too find Linux code would have exposed LinuxOne to its community and, even more blatent, its legal language? The cynical amoung us would point out that, given the simplicity of the task, the information found was most likely ignored. You'll forgive me if I find myself affected by these cynics and doubt the need to cover any future "overhaul of [your] practices".