For the pretty tiny subset of XML used here, and the way it is used, means you could probably manage to parse is sufficiently with one Perl split() call. Admittedly there is some parsing overhead but, with caching, it only needs be done once per-domain.
So make a BSD/LGPL licensed libcallid4email or somesuch and use that in all your projects. AFAICT code licensed under BSD/LGPL fulfils what MSFT wants here.
In the license Microsoft grant implementers there is the following nasty clause:
If you distribute, license or sell a Licensed Implementation, this license is conditioned upon you requiring that the following notice be prominently displayed in all copies and derivative works of your source code and in copies of the documentation and licenses associated with your Licensed Implementation: "This product may incorporate intellectual property owned by Microsoft Corporation. If you would like a license from Microsoft, you need to contact Microsoft directly."
Damn you sir! Your carefully constructed criticism is the key reason Microsoft needs to tell users considering of switching. You sir have just killed this entire 'Open Source' thing -- unless we can send in the guys with black helecopters to take out/. first.
And once my g/f woke up and read the article she cam running into the kitchen moaning. Here is her response [she's not a 31337-h4x0r but she's pretty and clued up]:
I write concerning the article (url below) by Stephen Evans about the MyDoom virus and Linux today, in your 'Business' section. I was shocked and rather disgusted to read this article, and can hardly believe that it was produced by a BBC correspondent; it is based on a set of spurious facts and shows a clear lack of understanding about the Open Source movement and Linux as a whole.
Let me give some examples.
Firstly I am extremely offended by the second paragraph which likens "the run-of-the-mill geeks who wreak damage on the unsuspecting computer user" to vandals, arsonists and other criminals. Geeks do not write viruses, and to say as much is absolute slander. Virus-writers are often teenagers, "script kiddies", who have a grudge against the world and/or want respect from their "l33t" peers. Educated, moral geeks (and if the author does not know what a 'geek' is then he should refrain from using the term) do not cause harm to others' systems; many of the geeks in the world are currently firefighting MyDoom, and have no more support for it than I would an arsonist burning down my house.
The article goes on to suggest that SCO is the only victim of MyDoom, ignoring the millions of people around the world who are affected (including systems administrators) as well as Microsoft, another target. This is inaccurate and biased towards the article's support of what it admits is only a 'theory'. We then come to a particularly juicy sentence: "If anyone's anger has no measure, it is the wrath of internet zealots who believe that code should be free to all (open source)." I suggest that the author go and spend several years immersed in the open-source movement, and realise entirely how *wrong* that sentence is.
Following on, we see the delightful piece of information that "There's no proof, of course" -- in which case, why write an entire article on what appears to be a bad theory pulled from the dregs of Slashdot (www.slashdot.org, a geek news site which is given to strange theories and bias at times). The article does not name any culprits but rather points a wavering finger at the entire Linux and open-source movement; do you honestly believe that we who are involved in this do not read the BBC news? I am a businesswoman and strong supporter of the open-source movement, and articles like this are simply not called for.
Later in the article we read "It is probably the most successful virus in this form of internet warfare, where a wickedly ingenious program persuades thousands of computers to bombard a single website on a particular date.
It's hard to see how any website could withstand that kind of clever evil. " Of course not. It's a standard trick, called a DDoS attack (Distributed Denial of Service) -- has the author not read his Hacker's Dictionary recently? MyDoom does not do anything new or clever. It is simply higher-profile because of the target, and the flurry of anti-Linux press (now here's a theory; if I were wanting to attack Linux users by subtle and underhand means, enraging the press to publish articles such as these would be a brilliant way. Perhaps the MyDoom writer *isn't* a Linux supporter?).
Another statement that is clearly wrong in context is that "sales of computer servers using Linux have soared" -- well, that's as may be, but it is completely irrelevant since the organisations who sell Linux are not particularly related to the group of people who develop it, and I presume the latter is the target of the article's theory.
Overall this article is badly (if at all) researched, shallow, one-sided, and extremely poorly written throughout. Please withdraw it from your website and send the author on an enforced sabbatical to learn about what he attempts to write about. Should you require any journalists who actually *know* what they are writing about, I can put you in touch with several who are firmly entrenched in the open-source world, and some who are more business-focused.
Windows is a cancer and the EU found it illegal. Cancer theatens life. Windows therefore threatens our way of life.
Oh dear... why do people write "I've never seen a comment on/. claiming X":)
My feedback is below, I also sent a copy, via e-mail, to the author of the article.
BEGIN FEEDBACK
I was most surprised to see the huge catalogue of factual errors in the story referenced below. I do not class myself particularly as an 'Internet zealot' but I feel the article/severely/ mis-represented the facts as they stand.
http://news.bbc.co.uk/2/hi/business/3457823.stm
I'll proceed by listing the errors as they occurred in the article:
"If anyone's anger has no measure, it is the wrath of internet zealots who believe that code should be free to all (open source)."
The author has confused the term 'Open Source' with 'Free/Libre Software'. The Open Source movement merely claims that showing people the contents of your program gives them a clearer insight into how it works, its suitability for their needs and the possibility for them to fix/detect bugs as they ocurr. It essentially markets a particular form of software development. The 'Free Software' movement (headed by the 'Free Software Foundation') believes that an author's right to allow free distribution of the/mechanism/ of code should be 'sticky' if the author wishes; i.e. if an author wishes their code to be publically visible, no-one may take that code, modify it and distribute it without everyone being able to see the changes. Also, on one fine point of grammer, 'Internet' is a proper-noun and hence should be capitalised accordingly.
"So, it seems likely that the perpetrators of the MyDoom virus and its variants are internet vandals with a specific grudge."
In fact the payload of MyDoom was/specifically designed/ to give this impression. By launching a DDoS attack against SCO, the real purpose of the virus was shielded. It allows the creators of the virus to utilise the power of the machines remotely for the purposes of sending Spam. 'Internet zealots' are normally even more concerned about their mailboxes filling with Junk than frivolous lawsuits. The payload also has a number of other nasty features, the existence of each points to the likely purpetrator being a professional Spammer.
"There's no proof, of course, but it must be one of the theories at the top of any investigator's list."
A brief Google-search will show/many/ experts from anti-virus companies clearly stating their views that this is an entirely unlikely scenario.
"It represents a new degree of viciousness in internet warfare: a wickedly ingenious programme persuades thousands of computers to bombard a single website on a particular date."
The DDoS payload of viruses, worms and trojans is nothing new. They are nowadays routinely incorporated into viruses to distract the media just as they have done.
My first was 'Girld Just Wanna Have Fun' by Cyndi Lauper, again back in '98. It was my first year at Uni, large amounts of bandwidth and, back then at least, loads of FTP sites with MP3s -- I still have a gFTP setup with a mp3:mp3 user from those days.
Disclaimer: I have never downloaded music and anyone that says so is lying!
Much as I would hate to support SCO, it doesn't appear they are actually violating the GPL. Sure you have to be a registered user to download the kernel from them now but they say nothing about re-distributing it. Until they try to stop someone posting the OpenLinux kernel RPMs they aren't violating the GPL.
Sounds like the guy in question had unofficially let someone else use his computer, account, etc.
Not quite. From what I can gather MIT have a system whereby as soon as a un-recognised MAC-address hits the network, the machine is DHCP-d a temporary IP and a all web-traffic is relocated to a registration page.
On this page, a valid MIT id and password is entered then the temporary IP becomes 'attached' to that MAC address with the MIT id used stored in a DB somewhere.
Hence just having an IP registered to a particular user is just an indication that that guy/guyess was the first to use the machine, not that its theirs or that they even have an account on it.
In fact, if all MIT students registered their machines under a common id (e.g. riaasuckmyballs) then there would suddenly seem to be one big pirate there:)
The system as it stands will probably just match an IP to a person who once used the machine in question.
Its odd that they have such an absence of "greed" on the Radio 4 website where you can listen to programmes on demand. The reason? The BBC make all those programmes themselves and don't have any licencing issues beyond those they generate themselves.
Its a popular service too... take Nicholas Parsons' intro to Just A Minute each week, warmly welcoming all those listening over the Internet.
Slashdot Mirror
If only there was a -1: Author's Girlfriend moderation option...
SPF is already a IETF draft, the first stage towards RFC-style standardisation.
For the pretty tiny subset of XML used here, and the way it is used, means you could probably manage to parse is sufficiently with one Perl split() call. Admittedly there is some parsing overhead but, with caching, it only needs be done once per-domain.
So make a BSD/LGPL licensed libcallid4email or somesuch and use that in all your projects. AFAICT code licensed under BSD/LGPL fulfils what MSFT wants here.
In the license Microsoft grant implementers there is the following nasty clause:
If you distribute, license or sell a Licensed Implementation, this license is conditioned upon you requiring that the following notice be prominently displayed in all copies and derivative works of your source code and in copies of the documentation and licenses associated with your Licensed Implementation:
"This product may incorporate intellectual property owned by Microsoft Corporation. If you would like a license from Microsoft, you need to contact Microsoft directly."
Isn't this incompatible with the GPL?
Other university's websites often have a link to their P2P policy on them. For example my college's policy is fairly sensible.
88 feet is roughtly 25 metres, one width of an Olympic sized swimming pool.
Dude, chill. Ride the /. comment wave. /Know/ that you are better don't lower yourself.
*snigger* ints *snigger*
cheek.remove(tongue);
knots is a naval unit measured by a number of knots on a rope that's trailing the ship in a given time period.
Where did you hear that?
Wikipedia? http://en.wikipedia.org/wiki/Knot_(nautical)
Damn you sir! Your carefully constructed criticism is the key reason Microsoft needs to tell users considering of switching. You sir have just killed this entire 'Open Source' thing -- unless we can send in the guys with black helecopters to take out /. first.
I love Gentoo - I'm sure in a scant few hours I can emerge -u linux and be running this cutting edge release.
Arachne is a DOS browser that seems to handle /. OK.
"Besides, this article completely ignores the 'Sorry Andy, I'm just doing my job' quote in the virus code. What 'job' is this person talking about?"
/author/ was Andy, rahter thn the person he was appologising to.
Actually, the original MyDoom.A only contained the following (pulled from my HD):
(sync.c,v 0.1 2004/01/xx xx:xx:xx andy)
The latter, MyDoom.B (modified to attack Microsoft as well) had something along the lines of:
(sync.c,v 0.2 andy, sorry I'm only doing my job)
Suggesting that the
And once my g/f woke up and read the article she cam running into the kitchen moaning. Here is her response [she's not a 31337-h4x0r but she's pretty and clued up]:
I write concerning the article (url below) by Stephen Evans about the MyDoom virus and Linux today, in your 'Business' section. I was shocked and rather disgusted to read this article, and can hardly believe that it was produced by a BBC correspondent; it is based on a set of spurious facts and shows a clear lack of understanding about the Open Source movement and Linux as a whole.
Let me give some examples.
Firstly I am extremely offended by the second paragraph which likens "the run-of-the-mill geeks who wreak damage on the unsuspecting computer user" to vandals, arsonists and other criminals. Geeks do not write viruses, and to say as much is absolute slander. Virus-writers are often teenagers, "script kiddies", who have a grudge against the world and/or want respect from their "l33t" peers. Educated, moral geeks (and if the author does not know what a 'geek' is then he should refrain from using the term) do not cause harm to others' systems; many of the geeks in the world are currently firefighting MyDoom, and have no more support for it than I would an arsonist burning down my house.
The article goes on to suggest that SCO is the only victim of MyDoom, ignoring the millions of people around the world who are affected (including systems administrators) as well as Microsoft, another target. This is inaccurate and biased towards the article's support of what it admits is only a 'theory'.
We then come to a particularly juicy sentence: "If anyone's anger has no measure, it is the wrath of internet zealots who believe that code should be free to all (open source)." I suggest that the author go and spend several years immersed in the open-source movement, and realise entirely how *wrong* that sentence is.
Following on, we see the delightful piece of information that "There's no proof, of course" -- in which case, why write an entire article on what appears to be a bad theory pulled from the dregs of Slashdot (www.slashdot.org, a geek news site which is given to strange theories and bias at times).
The article does not name any culprits but rather points a wavering finger at the entire Linux and open-source movement; do you honestly believe that we who are involved in this do not read the BBC news? I am a businesswoman and strong supporter of the open-source movement, and articles like this are simply not called for.
Later in the article we read
"It is probably the most successful virus in this form of internet warfare, where a wickedly ingenious program persuades thousands of computers to bombard a single website on a particular date.
It's hard to see how any website could withstand that kind of clever evil. "
Of course not. It's a standard trick, called a DDoS attack (Distributed Denial of Service) -- has the author not read his Hacker's Dictionary recently? MyDoom does not do anything new or clever. It is simply higher-profile because of the target, and the flurry of anti-Linux press (now here's a theory; if I were wanting to attack Linux users by subtle and underhand means, enraging the press to publish articles such as these would be a brilliant way. Perhaps the MyDoom writer *isn't* a Linux supporter?).
Another statement that is clearly wrong in context is that "sales of computer servers using Linux have soared" -- well, that's as may be, but it is completely irrelevant since the organisations who sell Linux are not particularly related to the group of people who develop it, and I presume the latter is the target of the article's theory.
Overall this article is badly (if at all) researched, shallow, one-sided, and extremely poorly written throughout. Please withdraw it from your website and send the author on an enforced sabbatical to learn about what he attempts to write about. Should you require any journalists who actually *know* what they are writing about, I can put you in touch with several who are firmly entrenched in the open-source world, and some who are more business-focused.
Windows is a cancer and the EU found it illegal. Cancer theatens life. Windows therefore threatens our way of life. Oh dear... why do people write "I've never seen a comment on /. claiming X" :)
You just give the BBC 10 pounds / month far cheaper than a good broadband connection to download them after all :)
My feedback is below, I also sent a copy, via e-mail, to the author of the article.
/severely/ mis-represented the facts as they stand.
/mechanism/ of code should be 'sticky' if the author wishes; i.e. if an author wishes their code to be publically visible, no-one may take that code, modify it and distribute it without everyone being able to see the changes. Also, on one fine point of grammer, 'Internet' is a proper-noun and hence should be capitalised accordingly.
/specifically designed/ to give this impression. By launching a DDoS attack against SCO, the real purpose of the virus was shielded. It allows the creators of the virus to utilise the power of the machines remotely for the purposes of sending Spam. 'Internet zealots' are normally even more concerned about their mailboxes filling with Junk than frivolous lawsuits. The payload also has a number of other nasty features, the existence of each points to the likely purpetrator being a professional Spammer.
/many/ experts from anti-virus companies clearly stating their views that this is an entirely unlikely scenario.
BEGIN FEEDBACK
I was most surprised to see the huge catalogue of factual errors in the story referenced below. I do not class myself particularly as an 'Internet zealot' but I feel the article
http://news.bbc.co.uk/2/hi/business/3457823.stm
I'll proceed by listing the errors as they occurred in the article:
"If anyone's anger has no measure, it is the wrath of internet zealots who believe that code should be free to all (open source)."
The author has confused the term 'Open Source' with 'Free/Libre Software'. The Open Source movement merely claims that showing people the contents of your program gives them a clearer insight into how it works, its suitability for their needs and the possibility for them to fix/detect bugs as they ocurr. It essentially markets a particular form of software development. The 'Free Software' movement (headed by the 'Free Software Foundation') believes that an author's right to allow free distribution of the
"So, it seems likely that the perpetrators of the MyDoom virus and its variants are internet vandals with a specific grudge."
In fact the payload of MyDoom was
"There's no proof, of course, but it must be one of the theories at the top of any investigator's list."
A brief Google-search will show
"It represents a new degree of viciousness in internet warfare: a wickedly ingenious programme persuades thousands of computers to bombard a single website on a particular date."
The DDoS payload of viruses, worms and trojans is nothing new. They are nowadays routinely incorporated into viruses to distract the media just as they have done.
I /so/ read 'spam' instead of 'sperm' there.
My first was 'Girld Just Wanna Have Fun' by Cyndi Lauper, again back in '98. It was my first year at Uni, large amounts of bandwidth and, back then at least, loads of FTP sites with MP3s -- I still have a gFTP setup with a mp3:mp3 user from those days.
Disclaimer: I have never downloaded music and anyone that says so is lying!
Much as I would hate to support SCO, it doesn't appear they are actually violating the GPL. Sure you have to be a registered user to download the kernel from them now but they say nothing about re-distributing it. Until they try to stop someone posting the OpenLinux kernel RPMs they aren't violating the GPL.
I'll take that over the current versions of NetWare that boot off DOS.
Reply:
But Netware does not run on MS-DOS . And saying so makes you look a bit ill-informed
And not reading the post makes you?
Not quite. From what I can gather MIT have a system whereby as soon as a un-recognised MAC-address hits the network, the machine is DHCP-d a temporary IP and a all web-traffic is relocated to a registration page.
On this page, a valid MIT id and password is entered then the temporary IP becomes 'attached' to that MAC address with the MIT id used stored in a DB somewhere.
Hence just having an IP registered to a particular user is just an indication that that guy/guyess was the first to use the machine, not that its theirs or that they even have an account on it.
In fact, if all MIT students registered their machines under a common id (e.g. riaasuckmyballs) then there would suddenly seem to be one big pirate there :)
The system as it stands will probably just match an IP to a person who once used the machine in question.
*puts on troll mask* erm... yeah... err... mplayer it like does the same stuff as xine but xine is better! yeah...
/. posts on xine/mplayer for the correct troll comments... watch this space*
oh. damn.
*checks previous
The BBC experimented with Ogg streaming in the past (http://support.bbc.co.uk/ogg/) so non-propriety codecs might be available in the future.
Its odd that they have such an absence of "greed" on the Radio 4 website where you can listen to programmes on demand. The reason? The BBC make all those programmes themselves and don't have any licencing issues beyond those they generate themselves. Its a popular service too... take Nicholas Parsons' intro to Just A Minute each week, warmly welcoming all those listening over the Internet.