The articles point was it's easier to staticly link the small obscure libraries. I don't know why a developer packaging a binary for general distribution can't statically link certain libraries.
I'm a bit rusty at static linking, but can't they just do a gcc -s -lgtk -ljpeg -o executable/usr/lib/libobscure.a foo.o bar.o widget.o to generate the binary? Then I wouldn't have to hunt down and attempt to install libobscure--sometimes a very frustrating process.
Yeah, yeah. That's what I get for wasting too much time on Slashdot instead of coding. My finger didn't bounce twice. Any decent compiler would have given a warning.
Plus, you want to check for non-NULL, not NULL
How would I know? I haven't seen their code. Why wouldn't something like if( pointer == NULL ) return ERROR_VAL; work?
My point was it has to be an easy fix, but how long will MS take?
I upgraded to a nightly build (1.4a -- Gecko/20030303), and Mozilla doesn't crash there anymore. I have run into sites which make it crash, but the ZDNet bug appears to be fixed...
Besides showing MS your middle finger (which I think you should do) or charging everyone money. Why not just ask interested people to donate money until you have enough to pay the fee? You are only interested in not having to pay the fee yourself, I believe this is a fair plan.
If you want to make money of the deal, the Street Performer Protocol may work for you. This will be less risky because you don't have to front the £500 yourself. Another guy has one called The Rational Street Performer Protocol if it suits your tastes better.
I am paranoid. That is because I've been screwed over so many times.
They don't need to win. Lawyers cost lots of money. Those in the lower castes can't afford to hire a lawyer at all, so they will cave to any "settlement".
Let's not forget the DMCA. One complaint, and your site may be down for hours or even days while you resolve the issue.
Let's not forget hosting services and ISPs. Any legal threat which appears viable, and they will often drop the user like a dead dog. Just like the mess with boycott-hollywood.us and their domain registrar. William Morris Agency (who represents some big hollywood stars) accused them of liable.
I looked at the site, I didn't see anything that hundreds of news sources and interviews have already said. The only difference is they give a list of celebrities to boycott. Their registrar has hijacked the domain name and has threatened to cancel their account. They may get their domain name back, but most likely only because their site is popular, and there has been lots of backlash. A less popular site would not have been so lucky.
You're not getting a respose because they're probably using a bot to find "infringing files" (meaning it has a filename with the same word as one of their works), and the bot is sending the emails. The lights are on, but nobody is home. I bet if you investigated those complaints, the computers wouldn't even have half the works they're claiming.
Well, I changed the permissions of/dev/dri/ as well as put the mode and group lines in XF86Config. I forgot about the last part when I wrote the post, and I suppose I wasn't clear, but that is what I meant by "block permissions." I made a special group for dri, the framebuffer, sound, and such devices.
My point was the dri device seems to give somewhat raw access to hardware, and therefore is a potential security exploit. Yet the running program needs permission to access the device, otherwise it won't be able to use accelerated rendering.
This is a problem if the user account is using a network connected program which may be attacked (such as Mozilla), then the attacker may execute arbitrary code which accesses the DRI device and disrupts the entire system...or might theoretically even get root. From what I've read on DRI, it sounds like these problems could happen. But even worse, some programs (such as Unreal Tournament) need both network access and 3D acceleration leading to a potential direct exploit.
For sound, a sgid executable solution should work fine. The worst an attacker can do is play farting sounds through the speaker. Manipulating/dev/dsp won't stop people from using the computer--in fact, if the device is already taken, they can't do anything with it./dev/dsp can't lock up the system--assuming the drivers are stable. An attacker can't get root. DRI is another story.
I suppose it seems silly to harden security even for a home systems with UT, but I'm sure some companies use 3D networked programs too. I'd like both 3d acceleration and security. Maybe I'm just searching for a pipe dream.
It's called sharing because anyone can access your files--you share them. The term file sharing wasn't invented by Napster. I think I first heard the term on a MS product, though they probably didn't invent the term either. My guess is Novell did. The MS Windows world often calls opening up a resource to the network "sharing". File sharing. Printer sharing. Etc. They'd probably try to call this forum "web based message sharing" or some similar odd thing.
If I take a picture of a cat, and put it on a file sharing system, contrary to what the RIAA says, I am not doing anything illegal--unless the pussy is under 18, but that is a different law. The term file sharing refers to allowing others to access files. It does not refer to copyright infringement. File sharing may allow copyright infringment to happen, but not all file sharing is copyright infringement.
You sound like the RIAA polls which imply all downloading on the internet is somehow infringing their copyrights. You downloaded this slashdot page, should you go to jail?
Did you buy a CD burner in the US? If so, you paid a tax to the RIAA. Did you buy any blank music CDRs? If so, you paid a tax to the RIAA. Did you buy a CD from a small independent musician? If so, they probably bought a blank music CDR, and therefore paid a tax the the RIAA.
In this case, they didn't just go after a guy providing infringing copies. They also tacked on charges about his generic search engine.
They need to hire some pr0n writers. That's what they (and I) want anyway. After all, they hyped this week's episode as a kinky three way sex romp. Maybe all of network TV should do it. I heard the WB did the same for 7th Heaven--Beverly Mitchell gets her freak on!
Some other prominent GUI systems don't require interprocess communication to update the screen, and can provide quicker response with less overhead.
Yeah, with either no security, or the kernel does all the work. Both often cause problems. Direct kernel calls for graphics primitives may not be a bad thing (in a way DRI allows this), but I think a separate process should manage windows, security and higher level functions. DRI also seems to break security. I have to block permissions of/dev/dri/ for any untrusted user, which means the user can't access it for 3D programs.
IPC will always be slower than system calls with no context switching.
Yeah, but you'll probably only notice it on an 1MHz computer. X also uses shared memory for IPC. Not everything has to go through sockets.
This is a possible reason why Microsoft Windows 98(tm) running on a 100mhz Pentium seems so much snappier for minor UI-interaction tasks (pulling down a menu) than a same-vintage Gnome on identical hardware.
You seem to be confused as to why your "X Windows" system is slow. I ran a 100MHz 486, and X was just as fast as win98. Try removing the Gnome crap, and you'll realize your mistake.
You seem like the guy to ask. Does X Windows use networking for the local server?;-)
They have nothing to do with networking and are the most efficient form of IPC on Linux.
What are these epics thingies everyone keeps talking about. This guy told me shared memory or mmap can be faster for transfers of thingies like huge pictures. He even uses shared memory with the X thingie.
AF_UNIX sockets still have nothing to do with networking.
My psychic wants me to ask: What about NFS? Why did you link to a page titled "Unix-socket-faq for network programming" which, while interesting, does not seem to have any information about Unix domain sockets? Why do I have to use -nolisten tcp to keep XFree86 off the internet? How is it possible to plug my lightbulb into a window? It's a socket isn't it?
Isn't the advantage of X over DirectFB security? DirectFB requires all programs be run as root. The DirectFB advantage is it seems much more lightweight. Good for those who can't use a bloated system. I doubt the speed differences between X and DFB will be noticed on today's systems. I thought X sucked, but that was when I had a 100MHz 486 with 8MB RAM and used virtual terminals / SVGAlib instead.
I guess I was wrong. Looking closer at their website (www.exodus.net), it appears to be a high bandwidth business ISP. I just assumed they might start using normal ISPs, so they'd be harder to block. From the look of the network provider's site, they do appear to be some sort of ISP--just not a home one.
I'm not so sure the RIAA/MPAA or their spamming friends bought those addresses. I think the ISP just allocated a specific range for them. Not a whole lot of difference, except it's not permanent. I suppose it may be safe to block that network's addresses, since most businesses don't use Gnutella anyway. ???
Filesizes don't mean anything either. Any given song will have different sizes when encoded with different software or at different bitrates. They will accumulate thousands file sizes for their database, increasing the chance of a collision with an innocent file. Also, if a file happens to be the same size as another, it isn't necessarily identical. Maybe it's not likely an innocent file will exactly match the name and size of an infringing file, but then again the RIAA/BSA/etc have been shown to be careless with accusations. Not to mention those with infringing files may add a random amount of zero bytes to fool the bots. Some may even change the file name and size to correspond to mine, then tell all their buddies the new Eminem song is called "Celine Dion Kid Rock R Kelly and Eminem suck.mp3".
Filenames and sizes do not come close to showing a file contains specific content. It is far too easy for different content to have the same names and sizes for them to be used as "evidence" of any wrong doing.
If the system used MD5 or SHA hases, then they may be able to determine the hashes of their material and be fairly accurate. This is what they were designed for--to guarantee only one file / dataset will correspond to one hash. The only bad thing I've heard about MD5 is someone can deliberately create a different file with the same hash. It is unlikely an innocent person would be targeted.
Downloading the file (or at least enough to show it contains their content) would be absolute proof. A hash would be decent proof. Anything less is just circumstantial at best.
Freenet isn't designed for music, it is designed for free speech. It was made so people can criticize their corrupt governments or employers, and be somewhat anonymous. If they do not think you wrote the subversive message, then they may not give you a prison sentance, fire you, or whatever.
Freenet is still a P2P system, it's just designed for purposes other than what you assume P2P systems should do.
Below is the MPAA lawergram, I think the important phrase in it is that they have 'good faith' that the files are copyright and being illegally distributed. So they assume that a file with the name of their property is their property.
Which is, to be honest, a fair assumption.
If I made a rant about crappy music and called the file "Celine Dion Kid Rock R Kelly and Eminem suck.mp3", and the RIAA's serch bot flagged this as one of their songs. Then they sent a DMCA complaint to my ISP, which gets me kicked off. Aren't they violating my free speech rights?
Oh, I forgot. I don't have any rights if I'm criticizing an American product.
Okay, what if I write a song called "Stripped"--a theme for creating small ELF executables. My friend named Christina sings the song, therefore I call it "christina-stripped.mp3". Should the RIAA be allowed to sue me for copyright "infringement"--even if the song was recorded and distributed long before Christina Aguilera even thought of hers?
The RIAA's whole stance is that P2P services are illegal and anyone who uses such services are criminals. If they use P2P, then by their own logic, they are criminals.
Also remember, when the whole Napster thing started, they threatened to sue universities for merely providing internet access. Their whole attitude is the internet is a criminal operation.
Whois indicates those addresses belong to a ISP called Exodus. If they just use everyday ISPs, then you'll end up blacklisting all home users with this scheme. Which is what they want anyway...
Well, I'm not sure we will ever see them. It seems most businesses who have anything to do with the internet are busy. Patent fraud. Finding new ways to abuse copyright infringement claims. Sueing everyone.
Don't forget the internet mail order companies--they want to be able to charge you retail, and insane shipping & handling rates. If everyone could buy books, pictures, short video clips for 25 cents, then there would be less purchases of those $30 hardback books, $20 videos, and $10 pictures (together with a $8 shipping fee).
Big business could easily develop a micropayment system, but micropayments don't help big business.
I have seen a few micropayment systems floating around, but they all seem to have nasty quirks. One based upon gold requires you start out with a initial investment of thousands of dollars. I don't know if there is a real micropayment solution or not.
If data is all you want to trade, then perhaps one based on real money is not the solution. What about one where "thought money" (for the lack of a better word) is traded. Make up a currency system where this "money" is traded for pics, stories, and whatever. This sounds so simple, I wouldn't be surprized if there are sites which already do this...
Slashdot Mirror
The articles point was it's easier to staticly link the small obscure libraries. I don't know why a developer packaging a binary for general distribution can't statically link certain libraries.
I'm a bit rusty at static linking, but can't they just do a gcc -s -lgtk -ljpeg -o executable /usr/lib/libobscure.a foo.o bar.o widget.o to generate the binary? Then I wouldn't have to hunt down and attempt to install libobscure--sometimes a very frustrating process.
What if you're system doesn't use GNU ls? I wrote the ls for my system. FreeBSD has another version...
Since when did strcasecmp work with unicode?
Yeah, yeah. That's what I get for wasting too much time on Slashdot instead of coding. My finger didn't bounce twice. Any decent compiler would have given a warning.
How would I know? I haven't seen their code. Why wouldn't something like if( pointer == NULL ) return ERROR_VAL; work?
My point was it has to be an easy fix, but how long will MS take?
I upgraded to a nightly build (1.4a -- Gecko/20030303), and Mozilla doesn't crash there anymore. I have run into sites which make it crash, but the ZDNet bug appears to be fixed...
So the fix is only one line? if(pointer=NULL)
Maybe because no one can read it? What does it say? It appears to use english words, but well...
Besides showing MS your middle finger (which I think you should do) or charging everyone money. Why not just ask interested people to donate money until you have enough to pay the fee? You are only interested in not having to pay the fee yourself, I believe this is a fair plan.
If you want to make money of the deal, the Street Performer Protocol may work for you. This will be less risky because you don't have to front the £500 yourself. Another guy has one called The Rational Street Performer Protocol if it suits your tastes better.
I am paranoid. That is because I've been screwed over so many times.
They don't need to win. Lawyers cost lots of money. Those in the lower castes can't afford to hire a lawyer at all, so they will cave to any "settlement".
Let's not forget the DMCA. One complaint, and your site may be down for hours or even days while you resolve the issue.
Let's not forget hosting services and ISPs. Any legal threat which appears viable, and they will often drop the user like a dead dog. Just like the mess with boycott-hollywood.us and their domain registrar. William Morris Agency (who represents some big hollywood stars) accused them of liable.
I looked at the site, I didn't see anything that hundreds of news sources and interviews have already said. The only difference is they give a list of celebrities to boycott. Their registrar has hijacked the domain name and has threatened to cancel their account. They may get their domain name back, but most likely only because their site is popular, and there has been lots of backlash. A less popular site would not have been so lucky.
If an ISP isn't a common carrier, then what the hell are they?
I know cable broadband companies try to say they aren't, but they want to restrict what their users do--it's not an arguement based on fact.
You're not getting a respose because they're probably using a bot to find "infringing files" (meaning it has a filename with the same word as one of their works), and the bot is sending the emails. The lights are on, but nobody is home. I bet if you investigated those complaints, the computers wouldn't even have half the works they're claiming.
Well, I changed the permissions of /dev/dri/ as well as put the mode and group lines in XF86Config. I forgot about the last part when I wrote the post, and I suppose I wasn't clear, but that is what I meant by "block permissions." I made a special group for dri, the framebuffer, sound, and such devices.
My point was the dri device seems to give somewhat raw access to hardware, and therefore is a potential security exploit. Yet the running program needs permission to access the device, otherwise it won't be able to use accelerated rendering.
This is a problem if the user account is using a network connected program which may be attacked (such as Mozilla), then the attacker may execute arbitrary code which accesses the DRI device and disrupts the entire system...or might theoretically even get root. From what I've read on DRI, it sounds like these problems could happen. But even worse, some programs (such as Unreal Tournament) need both network access and 3D acceleration leading to a potential direct exploit.
For sound, a sgid executable solution should work fine. The worst an attacker can do is play farting sounds through the speaker. Manipulating /dev/dsp won't stop people from using the computer--in fact, if the device is already taken, they can't do anything with it. /dev/dsp can't lock up the system--assuming the drivers are stable. An attacker can't get root. DRI is another story.
I suppose it seems silly to harden security even for a home systems with UT, but I'm sure some companies use 3D networked programs too. I'd like both 3d acceleration and security. Maybe I'm just searching for a pipe dream.
It's called sharing because anyone can access your files--you share them. The term file sharing wasn't invented by Napster. I think I first heard the term on a MS product, though they probably didn't invent the term either. My guess is Novell did. The MS Windows world often calls opening up a resource to the network "sharing". File sharing. Printer sharing. Etc. They'd probably try to call this forum "web based message sharing" or some similar odd thing.
If I take a picture of a cat, and put it on a file sharing system, contrary to what the RIAA says, I am not doing anything illegal--unless the pussy is under 18, but that is a different law. The term file sharing refers to allowing others to access files. It does not refer to copyright infringement. File sharing may allow copyright infringment to happen, but not all file sharing is copyright infringement.
You sound like the RIAA polls which imply all downloading on the internet is somehow infringing their copyrights. You downloaded this slashdot page, should you go to jail?
Did you buy a CD burner in the US? If so, you paid a tax to the RIAA. Did you buy any blank music CDRs? If so, you paid a tax to the RIAA. Did you buy a CD from a small independent musician? If so, they probably bought a blank music CDR, and therefore paid a tax the the RIAA.
In this case, they didn't just go after a guy providing infringing copies. They also tacked on charges about his generic search engine.
The RIAA operates in the US. Obviously you know nothing about the US "justice" system.
They need to hire some pr0n writers. That's what they (and I) want anyway. After all, they hyped this week's episode as a kinky three way sex romp. Maybe all of network TV should do it. I heard the WB did the same for 7th Heaven--Beverly Mitchell gets her freak on!
Yeah, with either no security, or the kernel does all the work. Both often cause problems. Direct kernel calls for graphics primitives may not be a bad thing (in a way DRI allows this), but I think a separate process should manage windows, security and higher level functions. DRI also seems to break security. I have to block permissions of /dev/dri/ for any untrusted user, which means the user can't access it for 3D programs.
Yeah, but you'll probably only notice it on an 1MHz computer. X also uses shared memory for IPC. Not everything has to go through sockets.
You seem to be confused as to why your "X Windows" system is slow. I ran a 100MHz 486, and X was just as fast as win98. Try removing the Gnome crap, and you'll realize your mistake.
You seem like the guy to ask. Does X Windows use networking for the local server? ;-)
What are these epics thingies everyone keeps talking about. This guy told me shared memory or mmap can be faster for transfers of thingies like huge pictures. He even uses shared memory with the X thingie.
My psychic wants me to ask: What about NFS? Why did you link to a page titled "Unix-socket-faq for network programming" which, while interesting, does not seem to have any information about Unix domain sockets? Why do I have to use -nolisten tcp to keep XFree86 off the internet? How is it possible to plug my lightbulb into a window? It's a socket isn't it?
Isn't the advantage of X over DirectFB security? DirectFB requires all programs be run as root. The DirectFB advantage is it seems much more lightweight. Good for those who can't use a bloated system. I doubt the speed differences between X and DFB will be noticed on today's systems. I thought X sucked, but that was when I had a 100MHz 486 with 8MB RAM and used virtual terminals / SVGAlib instead.
I guess I was wrong. Looking closer at their website (www.exodus.net), it appears to be a high bandwidth business ISP. I just assumed they might start using normal ISPs, so they'd be harder to block. From the look of the network provider's site, they do appear to be some sort of ISP--just not a home one.
I'm not so sure the RIAA/MPAA or their spamming friends bought those addresses. I think the ISP just allocated a specific range for them. Not a whole lot of difference, except it's not permanent. I suppose it may be safe to block that network's addresses, since most businesses don't use Gnutella anyway. ???
Filesizes don't mean anything either. Any given song will have different sizes when encoded with different software or at different bitrates. They will accumulate thousands file sizes for their database, increasing the chance of a collision with an innocent file. Also, if a file happens to be the same size as another, it isn't necessarily identical. Maybe it's not likely an innocent file will exactly match the name and size of an infringing file, but then again the RIAA/BSA/etc have been shown to be careless with accusations. Not to mention those with infringing files may add a random amount of zero bytes to fool the bots. Some may even change the file name and size to correspond to mine, then tell all their buddies the new Eminem song is called "Celine Dion Kid Rock R Kelly and Eminem suck.mp3".
Filenames and sizes do not come close to showing a file contains specific content. It is far too easy for different content to have the same names and sizes for them to be used as "evidence" of any wrong doing.
If the system used MD5 or SHA hases, then they may be able to determine the hashes of their material and be fairly accurate. This is what they were designed for--to guarantee only one file / dataset will correspond to one hash. The only bad thing I've heard about MD5 is someone can deliberately create a different file with the same hash. It is unlikely an innocent person would be targeted.
Downloading the file (or at least enough to show it contains their content) would be absolute proof. A hash would be decent proof. Anything less is just circumstantial at best.
Freenet isn't designed for music, it is designed for free speech. It was made so people can criticize their corrupt governments or employers, and be somewhat anonymous. If they do not think you wrote the subversive message, then they may not give you a prison sentance, fire you, or whatever.
Freenet is still a P2P system, it's just designed for purposes other than what you assume P2P systems should do.
Do you are saying it is a fair assumtion the filename OpenOffice.org-1.0.1-9mdk.src.rpm is infringing Microsoft's copyright? Is it fair to assume "harry_potter_book_report.rtf" is a copy of the Harry Potter movie?
If I made a rant about crappy music and called the file "Celine Dion Kid Rock R Kelly and Eminem suck.mp3", and the RIAA's serch bot flagged this as one of their songs. Then they sent a DMCA complaint to my ISP, which gets me kicked off. Aren't they violating my free speech rights?
Oh, I forgot. I don't have any rights if I'm criticizing an American product.
Okay, what if I write a song called "Stripped"--a theme for creating small ELF executables. My friend named Christina sings the song, therefore I call it "christina-stripped.mp3". Should the RIAA be allowed to sue me for copyright "infringement"--even if the song was recorded and distributed long before Christina Aguilera even thought of hers?
The RIAA's whole stance is that P2P services are illegal and anyone who uses such services are criminals. If they use P2P, then by their own logic, they are criminals.
Also remember, when the whole Napster thing started, they threatened to sue universities for merely providing internet access. Their whole attitude is the internet is a criminal operation.
Whois indicates those addresses belong to a ISP called Exodus. If they just use everyday ISPs, then you'll end up blacklisting all home users with this scheme. Which is what they want anyway...
Well, I'm not sure we will ever see them. It seems most businesses who have anything to do with the internet are busy. Patent fraud. Finding new ways to abuse copyright infringement claims. Sueing everyone.
Don't forget the internet mail order companies--they want to be able to charge you retail, and insane shipping & handling rates. If everyone could buy books, pictures, short video clips for 25 cents, then there would be less purchases of those $30 hardback books, $20 videos, and $10 pictures (together with a $8 shipping fee).
Big business could easily develop a micropayment system, but micropayments don't help big business.
I have seen a few micropayment systems floating around, but they all seem to have nasty quirks. One based upon gold requires you start out with a initial investment of thousands of dollars. I don't know if there is a real micropayment solution or not.
If data is all you want to trade, then perhaps one based on real money is not the solution. What about one where "thought money" (for the lack of a better word) is traded. Make up a currency system where this "money" is traded for pics, stories, and whatever. This sounds so simple, I wouldn't be surprized if there are sites which already do this...