1) Giving someone source code does not mean that you are licensing it under an open license. Just like when you give them your product (after getting a fee) you are not allowing them to copy it and distribute it. Sure, for home users, this isn't very relevant, but for businesses it is.
2) There is nothing contradictory with developing open source and money. It doesn't allow particular methods of making money, but there are plenty of others left to choose from. Many have done it in the past and are doing it today. In fact, most consultants give full copyright to the customer, which is even more generous than open-source licenses.
That's right, they only have a stake in the GNU part. The reason it's called GNU/Linux is because the Linux is from a separate organization. Had it been their own kernel, they would just call it GNU.
"The point was that it's ridiculous to demand the source code for software."
But it's not. I promise you that every single trucking company has their _own_ mechanics that know the trucks inside and out and could probably rebuild one from scratch if they wanted to. Almost every car has service manuals available that detail every aspect of how a car is put together. It's not an unreasonable request - in most other industries it's standard.
I think GNU's quiet because their code isn't at stake. It's hard to do anything when you don't have an interest. GNU can't sue SCO - they have no stake. When GNU has a legal stake that they can use, I'm sure they will do something.
Actually, some hackers a few years ago received a code-signing key from Network Solutions that was valid for Microsoft. Since most Microsoft products have Certificate Revocation List checking turned OFF by default, my guess is that these individuals (who were never found as far as I'm aware) could do just that.
" I quite like the idea of non-transferrable patents, but think it's unfair cos an inventor is not necessarily a businessman, so why shouldn't he or she cash in by selling the rights?"
I agree the idea needs work, but I think this is the direction we need to be thinking in.
Personally, I would be happy if there were no patents at all. I think that the worry about people not being paid or invention slowing down is that people are just not able to see how a system can develop that is different from today. It's like they think that today's system is a necessity, not an invention itself.
" If I have a good idea and patent it and sell the IP to a patent-holder company, then I am simply cashing in on my good idea - on my innovation, if you prefer."
The difference is that many of us don't believe that this method of cashing in should be legal. Noone has the _right_ to cash in - if they are able to, that's great, but as a society we have no obligation to provide that mechanism, if we think it doesn't benefit the rest of us, socially.
Having patent-holding companies degrades the value of the patent system - it no longer encourages innovation, it discourages it. In fact, patents in general do a lot of that. Thomas Jefferson, who was the first head of the patent office, left it thinking that perhaps it caused more harm than good.*
* The previous is based on readings I have done previously, and should not be taken as fact unless verified. I'm pretty sure it's correct, but not absolutely, and I'm too lazy to look it up.
The problem is that when people don't know how to use their computer, it puts information in real danger. It makes it easy for people to take control of their machines and use them for nefarious purposes.
Reading is a private activity done at home, but what you do on the Internet affects all the people you're connected to.
I don't seriously think that we should be handing out Internet licenses, but I do think the current mindset that anyone should get on without any training or experience is completely wrong.
"If I remember right, I was able to put the drive in a different machine that I could login as root, mount it, edit the passwd file, and bam problem solved."
Still true today. There's nothing wrong with this. If you don't have physical security, you don't have security, period.
Also, if you have Win9x clients, they cannot use the newer protocols, nor can they be upgraded to do so. That's the great thing about Linux - if it doesn't support something, it's pretty easy to upgrade it to do so.
"Before shadow passwords were standard this was no real help at all, since all you had to do was read/etc/passwd and suck up the salt out of those first 2 bytes."
Bzzzt. Wrong. The salt's purpose was to prevent someone from building a reverse dictionary of password hashes. Without the salt, you can get by with 1/4096th the size of your reverse dictionary. Knowing the salt doesn't help, because you still have to recompute your dictionary based on the salt - which takes a horridly long amount of time, and, you have to build one for every password in the file.
We don't allow people to just turn on a car and start driving, do we? No, in fact, we make people on public streets take _tests_ before being allowed on the road. Something like that would be nice for the public Internet as well....
The reason that people think that the car has an intuitive interface is that by the time people started using it, they've watched it being used thousands of times - and they grew up with it. If you were to stick a tribal person from the jungles of Columbia in a car and just give him the keys, he would have no idea what to do, no idea what side of the road to drive on, and not know that he needs to blink his lights when he turns, or anything like that.
No, they aren't distributing Linux _source_, just the binaries. The only source they are distributing is for v2.2, not 2.4. The.srpms don't actually have source code in them.
" 5. SCO attempts to collect license fees from users of the 2.4 kernel, consistent with their claim of owning the IBM submissions."
Absolutely not. Collecting fees from users is not consistent with a claim of copyright infringement. This has never, ever happened - the end user - who is not the one who knowingly infringed, is not liable.
5. SCO attempts to collect license fees from users of the 2.4 kernel, consisten with their belief that the world exists for their pleasure.
There's just as much risk either way. In fact, there's less risk with Linux because the development process is so open. With Microsoft, the development process is closed, so you have no idea what is in there.
The fact that Microsoft pretends that it will pay your legal fees means nothing. Have they ever? Do we know that they haven't found a weasel way out? Are shrinkwrap licenses even valid?
Yes, it does, actually. You see, when people see that they can get an operating system for free, they will be more likely to pirate Windows rather than buy it because they feel they are getting ripped off.
Anyway, they also will have to drop their published prices, simply because when people do price comparisons before engaging the salespeople, it is done based on published prices. Therefore, Microsoft will be seen as being untrustworthy if their published prices are too much at variance with their "actual" prices.
The biggest problem with the Kernel guys redoing it, is now they can be considered 'tainted'.
---
Only if they signed an NDA. Just having viewed copyrighted code does not make you tainted. In fact, they can use the concepts learned from the code to write their own versions, and it's still theirs.
Slashdot Mirror
Two things:
1) Giving someone source code does not mean that you are licensing it under an open license. Just like when you give them your product (after getting a fee) you are not allowing them to copy it and distribute it. Sure, for home users, this isn't very relevant, but for businesses it is.
2) There is nothing contradictory with developing open source and money. It doesn't allow particular methods of making money, but there are plenty of others left to choose from. Many have done it in the past and are doing it today. In fact, most consultants give full copyright to the customer, which is even more generous than open-source licenses.
That's right, they only have a stake in the GNU part. The reason it's called GNU/Linux is because the Linux is from a separate organization. Had it been their own kernel, they would just call it GNU.
"The point was that it's ridiculous to demand the source code for software."
But it's not. I promise you that every single trucking company has their _own_ mechanics that know the trucks inside and out and could probably rebuild one from scratch if they wanted to. Almost every car has service manuals available that detail every aspect of how a car is put together. It's not an unreasonable request - in most other industries it's standard.
I think GNU's quiet because their code isn't at stake. It's hard to do anything when you don't have an interest. GNU can't sue SCO - they have no stake. When GNU has a legal stake that they can use, I'm sure they will do something.
?????
" The same way that my users verify that employee information was written to the database."
No. These people check by simply looking at the results and see if it's there. Without source code, you can't see
a) if the change was a small local change with minimal impact or a large global change
b) whether the change only fixed a subset of the available problem scenarios, or all of them
c) whether the change operates on the symptoms rather than the problem
"s a matter of fact, the vast majority of pc users wouldn't have a clue what they were reading if they saw the source code."
They don't need to. They just need a variety of independent third parties to have access.
Otherwise you're just taking their word for it, and they haven't historically been very trustworthy for anything.
" Of note, most security flaws (Windows, Linux, OpenBSD) are buffer overruns that are overlooked even in peer review/source review."
That really has nothing to do with our present conversation. We are talking about what happens after one is identified.
"If you're curious about what your MS/OS boxis doing, run filemon/apimon."
Not nearly what you need to verify that a patch works correctly. That's like saying strace is sufficient. It just plain isn't.
Really? How can you verify this without seeing the source code?
Actually, Windows is very componentized. It would be surprising if it wasn't.
Actually, some hackers a few years ago received a code-signing key from Network Solutions that was valid for Microsoft. Since most Microsoft products have Certificate Revocation List checking turned OFF by default, my guess is that these individuals (who were never found as far as I'm aware) could do just that.
" I quite like the idea of non-transferrable patents, but think it's unfair cos an inventor is not necessarily a businessman, so why shouldn't he or she cash in by selling the rights?"
I agree the idea needs work, but I think this is the direction we need to be thinking in.
Personally, I would be happy if there were no patents at all. I think that the worry about people not being paid or invention slowing down is that people are just not able to see how a system can develop that is different from today. It's like they think that today's system is a necessity, not an invention itself.
" If I have a good idea and patent it and sell the IP to a patent-holder company, then I am simply cashing in on my good idea - on my innovation, if you prefer."
The difference is that many of us don't believe that this method of cashing in should be legal. Noone has the _right_ to cash in - if they are able to, that's great, but as a society we have no obligation to provide that mechanism, if we think it doesn't benefit the rest of us, socially.
Having patent-holding companies degrades the value of the patent system - it no longer encourages innovation, it discourages it. In fact, patents in general do a lot of that. Thomas Jefferson, who was the first head of the patent office, left it thinking that perhaps it caused more harm than good.*
* The previous is based on readings I have done previously, and should not be taken as fact unless verified. I'm pretty sure it's correct, but not absolutely, and I'm too lazy to look it up.
The problem is that when people don't know how to use their computer, it puts information in real danger. It makes it easy for people to take control of their machines and use them for nefarious purposes.
Reading is a private activity done at home, but what you do on the Internet affects all the people you're connected to.
I don't seriously think that we should be handing out Internet licenses, but I do think the current mindset that anyone should get on without any training or experience is completely wrong.
"If I remember right, I was able to put the drive in a different machine that I could login as root, mount it, edit the passwd file, and bam problem solved."
Still true today. There's nothing wrong with this. If you don't have physical security, you don't have security, period.
Also, if you have Win9x clients, they cannot use the newer protocols, nor can they be upgraded to do so. That's the great thing about Linux - if it doesn't support something, it's pretty easy to upgrade it to do so.
I don't see how it's different now. You can still overwrite passwords with hashes you generate in /etc/shadow. Both scenarios require root access.
There's also the theory that Windows NT is actually a ploy to show Windows Origins.
WNT is just one letter below VMS.
Microsoft often does plays on words - if anyone remembers the "Buck Forland" incident with the release of VB 5.
"Before shadow passwords were standard this was no real help at all, since all you had to do was read /etc/passwd and suck up the salt out of those first 2 bytes."
Bzzzt. Wrong. The salt's purpose was to prevent someone from building a reverse dictionary of password hashes. Without the salt, you can get by with 1/4096th the size of your reverse dictionary. Knowing the salt doesn't help, because you still have to recompute your dictionary based on the salt - which takes a horridly long amount of time, and, you have to build one for every password in the file.
We don't allow people to just turn on a car and start driving, do we? No, in fact, we make people on public streets take _tests_ before being allowed on the road. Something like that would be nice for the public Internet as well....
The reason that people think that the car has an intuitive interface is that by the time people started using it, they've watched it being used thousands of times - and they grew up with it. If you were to stick a tribal person from the jungles of Columbia in a car and just give him the keys, he would have no idea what to do, no idea what side of the road to drive on, and not know that he needs to blink his lights when he turns, or anything like that.
It is NOT irrelevant. There are many algorithms that are worse on the Big O scale that are more efficient in practice.
In fact, in many database systems, they will prefer linear scans instead of index scans for many types of queries specifically because of that C.
What's the URL?
No, they aren't distributing Linux _source_, just the binaries. The only source they are distributing is for v2.2, not 2.4. The .srpms don't actually have source code in them.
" 5. SCO attempts to collect license fees from users of the 2.4 kernel, consistent with their claim of owning the IBM submissions."
Absolutely not. Collecting fees from users is not consistent with a claim of copyright infringement. This has never, ever happened - the end user - who is not the one who knowingly infringed, is not liable.
5. SCO attempts to collect license fees from users of the 2.4 kernel, consisten with their belief that the world exists for their pleasure.
Wrong. That was a patent infringement case. Very big difference.
There's just as much risk either way. In fact, there's less risk with Linux because the development process is so open. With Microsoft, the development process is closed, so you have no idea what is in there.
The fact that Microsoft pretends that it will pay your legal fees means nothing. Have they ever? Do we know that they haven't found a weasel way out? Are shrinkwrap licenses even valid?
Yes, it does, actually. You see, when people see that they can get an operating system for free, they will be more likely to pirate Windows rather than buy it because they feel they are getting ripped off.
Anyway, they also will have to drop their published prices, simply because when people do price comparisons before engaging the salespeople, it is done based on published prices. Therefore, Microsoft will be seen as being untrustworthy if their published prices are too much at variance with their "actual" prices.
The biggest problem with the Kernel guys redoing it, is now they can be considered 'tainted'.
---
Only if they signed an NDA. Just having viewed copyrighted code does not make you tainted. In fact, they can use the concepts learned from the code to write their own versions, and it's still theirs.