Erm, how exactly would they have implemented hardware music DRM that runs on both pre-existing Mac and PC systems?
I love the way that as soon as Intel adds support to allow *others* to write more effective DRM, they get jumped on, but when Apple actually writes their own it's OK because "they deliberately made it weak, because they don't believe in DRM". Uh, right. If they didn't believe in DRM then why did they get into the digital music industry in the first place?
They're all things that were imported from FreeBSD and given a GUI. The code that Apple designed and wrote themselves is hardly the model of good security. Widgets with full access to the OS that are automatically installed by the browser? How did they not see it coming?
If you want to avoid problems with cheap and weird components, buy a big name brand. Yes it'll cost more than the same spec machine from down the road.
I think one perception problem PCs have is that people spec out a machine, and shop around (like they do for anything) and find they can buy what appears to be the same machine for less somewhere else. Only then they buy it and it turns out not to be the same machine: it has a cheap modem, dodgy memory, overclocked processor (yes some machines are actually sold overclocked!) and so on. Their computer crashes three times a day, it blows chunks, Linux doesn't support the exotic hardware and they blame Windows, PCs, Linux... anything but themselves.
Then they say, "I know, I'll buy a Mac". And while Apples build quality and support seems... variable... usually it works and they can feel smug and clever for being a smart consumer. If they had simply done what they'd do for any other product like a car and paid for quality and reputation over pure specs, they probably wouldn't have had any problems in the first place. In other words Apple avoid the problems of the free market and uninformed consumers by avoiding the free market entirely.
No, the primary reason is that according to the articles author Macs are more secure.
This clearly isn't the case - Apple have shipped not one but two remote code execution exploits through Safari, and there have been serious security bugs that remain unpatched for months at a time.
The problem here is that Macs are being jumped on in the same way Firefox was to get away from IE being insecure. Now Firefox is more secure than IE, that I do believe even after SP2, but it's not magically brilliant. Firefox has had security problems. Even with a very responsive security teams the moment it looked like it was seriously taking off, it was targetted.
Now Firefox was targetted and so far has been able to resist the pressure. They have good guys discovering exploits before the bad guys. The exploits are quickly patched or fixed. Apple does not give the same confidence - security seems to be lower on their agenda than the making their latest gee-whizz widgets feature convenient. What makes anybody think that a Mac is an answer to security when given a large enough herd mentality, the same problems will start appearing a year or two down the line?
Seriously. All I see here is fanboyism. Linux actually has security features like SELinux, execshield, strong privilege separation (how many Mac apps break if they can't write to their appfolder again?) and on and on. It walks the walk, whereas Apple only talk the talk.
That's a rather loaded example: you picked the best case scenario from MacOS X and the worst case scenario from Linux (portage).
Let's see. On MacOS X you sometimes also need to install software by running installers, some using the Apple installer framework and others using, eg, Wise. If you want access to the world of free (as in beer) software you get with Linux you may also need fink.
On Linux you can use something like Synaptic in Ubuntu, or even better when it's available an autopackage. this is even more straightforward than the.dmg: just click the link in the web browser (1), click "Continue" at the "You are about to install" screen (2), click "Close" in the summary window at the end (3). The app is now in your menus and ready to use.
You could even argue this - when it exists - is easier than the Mac, because it's a very common newbie mistake for people to open up the self-mounting DMGs and run the program directly from there. If they like it they then drag it directly into the dock - which is, let's face it, what intuitively makes sense - and then can't figure out why clicking the dock icon pops up a Finder window. Nor can they figure out why the icon stops working once they clean up their desktop a bit.
Now it's true that on MacOS X it's still a lot easier to graphically install software most of the time as long as you understand the (undocumented) conventions because it has a head start on easy packaging. But hopefully as autopackage gathers momentum more and more software will be available in this form. Already programs like Gaim and Abiword are. So while there's a lot of work left one of the last bastions of UNIX geekery is slowly starting to fall.
You know for most sound cards, if you want more then one application to make sound at one time you have to configure dmix?
This is configured automatically in Fedora Core 4 (or will be when it's out in a month or so). It's very likely that other distributions will follow suit soon afterwards.
Yes Linux has problems. Any serious Linux user or developer will admit that. But these days they're being bopped on the head with quite some speed.
I also question the logic behind MacOS X being a "fix" for security. Apples security track record is atrocious - more than once they've shipped remote code execution exploits through Safari, there have been remote root holes left unpatched for months etc etc. I mean, what makes anybody think that the Macs relative "security" is anything but a side-effect of their obscurity?
I don't know about other places, but my impression was at least in the UK nearly all CS degrees have an FP component. I know at Durham we do Haskell, as well as propositional/predicate logic as used in theorem provers.
That said, I'm not totally convinced Haskell will take off even if FP does become hugely mainstream. As a language it has pretty atrocious usability. More likely, mainstream imperative languages will incorporate extensions that allow for function programming: after all, parametric polymorphism and lambda functions (sort of) already entered mainstream imperative languages.
Alternatively, something like Subtext may prove to be the way forward. All I know is I'm convinced there is a better way to do lazy function programming than Haskell;)
Oh, and for what it's worth, while learning Haskell and Floyd-Hoare logic is mind expanding, graduates that can write code which compiles are probably more desirable long term. The free market doesn't demand languages like Java because it's McCrap, they demand it because it makes the most sense for many commercial projects (aka getting things done outside of academia).
Not quite - it was "broken" in the sense that if you had a valid license you could dump out an unencrypted version that could then be redistributed OK. Obviously:
a) Somebody needs to have bought, cracked and redistributed the media you are interested in
b) That somebody needs to be sure the files aren't watermarked. Presumably if content has been protected it's been paid for, probably by a credit card. So the leaked files could definitely (in theory) be traced back if watermarking was in use. Of course if you can detect it sometimes watermarking can be defeated too but it's a definite risk - are you willing to risk prosection for the priviledge of uploading content?
What that forum also neglects to mention is that Microsoft released an update that kills the crack. The "drmdbg" program can no longer succesfully follow the internal DLL calls inside the DRM software so it cannot extract the key. Because of the way Windows Media works, content can demand that this version of the DRM system is installed before playing so effectively cracks like this can be "closed" quite fast.
So there are two sides to DRM - on one hand, the there's no such thing as "uncrackable" DRM in the absolute sense, on the other hand it's perfectly possible to produce DRM so hard to crack nobody manages it.
Digital satellite DRM is one obvious example of that - modern smartcard security is so advanced that the rollout of new protections like P4 in the states (and I believe they now several generations ahead of what's been cracked) basically eliminated satellite TV piracy. Same is true in the UK - there is no way to pirate Sky TV.
Now, Microsoft has some very smart people working for them, their software is closed source and their DRM is constantly adapting (as the drm2wmv program showed) to close off avenues of attack as they are discovered. They don't have to make it uncrackable, they just have to make it hard and awkward enough to crack that it becomes easier/less risky to buy the content than try and pirate it.
Given that P2P networks are seedy underworlds of trojans, crap content and dodgy downloads, it's not too hard to produce a service that appeals to customers more than attempting to break the DRM does.
Ignore him, the forum is really cool. One thing - the alpha blending in the loading screen is a bit dubious, you might want to investigate having a semi-transparent PNG (with the IE DirectX magic) instead of dithering.
I'd also seriously consider fixing the permalinking thing. Being able to link to forum threads is useful. Also try allowing guest postings to one of the forums....
From what I remember, Cuban women often hit on European/American tourists because getting a man to fall for you while you're there is a way out of the country. They want the passport not the personality.
Of course that's very cynical of us all. The original poster may have found true love in Cuba.
It depends a lot on what the project is, Shorewall clearly isn't one that has commercial backing (in which case the pain of support and documentation is balanced by money).
I work on two open source projects, one I do as a hobby and one I get paid for. For the one I get paid for, a significant chunk of time is spent doing technical support. This can be quite demoralising: there are always people for whom it simply Does Not Work and you aren't entirely sure why (usually because their system is broken or hopelessly exotic). But when you get a support ticket closed as fixed, it's quite a nice feeling. I wouldn't do it unless I was paid to though.
The one I don't get paid to work on, most of my time is spent on "boring" stuff as well like debugging, investigating other peoples goofs and writing documentation. I do that because I'm the maintainer and I like to see the project thrive and grow. It's like gardening. It can't all be planting pretty flowers all the time: somebody has to do the weeds. Well, that somebody is me, and the reward comes in the form of the final result rather than the process of getting there.
It's based on Kontiki which is in turn based on WMA (which obviously uses the secure audio path), so yes you will need to get signed drivers from the manufacturers.
Probably the only way to do DRM on Linux succesfully is to do what the digital satellite companies have done and move it entirely into hardware: in other words, sell cheap USB speakers/headphones that accept encrypted audio and output (watermarked) analog audio. The process of recording and watermark stripping the analog audio would (hopefully) be annoying enough that the purchase price of the content seems reasonable.
Never heard of or experienced that, but it sounds like something the DRMonkeys would do. Still can be evaded in software: Run your OS inside vmware, record loopback style on the host OS.
Yes that's the most obvious attack, but again, how many people both have VMware and want to use it for piracy? It's not a mass market easy to use cracker. Also bear in mind that it's trivially defeated: VMware can be detected if you look for it explicitly. Just refuse to play DRMd audio if it's running inside VMware.
Or hack your drivers. All it takes is one hacked instance to unleash it.
The drivers are digitally signed after being SAP verified by Microsoft. It will refuse to play protected audio if you have unsigned drivers. You can read more about it here.
Naturally, it might be out on the Mac too in time but I doubt it'll have a Linux version. There's no builtin DRM with Linux like there is with Windows so it'd be a lot harder to protect the content files.
IMHO DRM and Linux don't necessarily have to be enemies. For instance take the Windows XP "Secure Audio Path". It relies on driver co-operation and essentially means the audio passes from the media player encrypted into the kernel: there's no way to get the audio out of the media player in a cleartext form. The kernel will only decrypt and forward the audio to the driver if it's SAP enabled, which means it agrees to prevent recording at the same time as playing. In other words, you can't do a "play and record simultaneously" attack using only software.
At this point somebody will point out that you can still connect two computers (or a recording device) together using a minijack-to-minijack cable and use the analog hole. Yes. But doing so is awkward and requires cables I think most casual pirates don't have. Of course you can go down to your local Radio Shack and buy one if you know what you're looking for, but fundamentally DRM is about making things awkward - it's not about totally 100% secure uncrackable systems.
Let's say that the Linux kernel implemented an equivalent to SAP. Of course you could hack the source to disable it. But even if there were widespread RPMs of the patched kernels available, how many people would take the time to track them down and use them, simply for the privilege of using up bandwidth spreading them on p2p networks? For most people DRM isn't the fundamental religious issue it is to many here on Slashdot - they use P2P systems because it's a lot easier to search, point, click than the alternative (which is usually buy a DVD box set). The more awkward it is, the fewer people will do it, and the harder it becomes to find pirate copies of new material. Having the source means you can do something, not necessarily that you will do something.
Maybe so, but in his blog he claims he contributed a lot in many other ways - by running nodes, providing hosting, even funding the project with his own money. Are you saying this isn't correct?
You can run Internet Explorer using Wine or Codeweavers Crossover. That's how I used to deal with an IE requirement where I worked, and it did the job nicely.
Re:Its only the bad things we head about?
on
Safari vs. KHTML
·
· Score: 4, Informative
Those aren't the WebCore changes, they're a few minor patches made for the Acid test. The bulk of the changes do not come in that form, and that's what the KDE people are pissed off about (or more accurately, they're pissed off at Apple apologists asking them when they'll merge the changes).
Re:Its only the bad things we head about?
on
Safari vs. KHTML
·
· Score: 0
No, the "preferred form" clause is the preferred form of the original developers (obviously). Patch dumps clearly aren't the preferred form according to the original developers.
Re:Here's a quote from Zack Rusin
on
Safari vs. KHTML
·
· Score: 4, Informative
You're quoting Zack out of context. Here is the full quote:
Did KHTML become better as a result of Apple using it? Yes of course. KHTML became a lot, lot better as a result of patches we merged from Apple folks. And you know what? We've been quiet for almost two years. No one mentioned anything because we all hoped. We still do and always will. Everytime people complained about KDE developers being lazy and not merging patches from the great Apple guys we just took it. This time I simply refused to sit back and look at another/. discussion on Safari and KHTML cooperation.
Seems people like you are what Zak is pissed off about.
Uh, that's a totally unsupported assertion. You don't "need" a proprietary operating system to be easy to use any more than you need a proprietary operating system to be secure or stable. That's bullshit.
Apple definitely are in the business of selling operating systems, it just so happens that you have to buy their hardware to get it. How many people buy a Mac because of MacOS? Look at their website, the number of pages dedicated to the OS vs the hardware is huge. Why do you think they generate such absurd amounts of hype over new OS features like desktop widgets?
It's pretty simple:
They make a proprietary OS because that's what they've always done, and because it fuels hardware sales
Therefore they have a vested interest in not seeing competing operating systems succeed.
Therefore they see open source projects as a useful source of code to use, but not a community they would be involved with. Their own engineers have flat out admitted this.
Re:Its only the bad things we head about?
on
Safari vs. KHTML
·
· Score: 0, Offtopic
Actually, no, they don't. The LGPL says they have to release the code but they cannot (for instance) run it through an obfuscator before releasing the patch. The LGPL says that changes have to be returned in the "preferred form" for exactly this reason: given half a chance some corporations will try and follow the exact wording of the license and not the spirit.
The whole point of the LGPL is so people can "share with their neighbours". Go read the GNU manifesto some time. Enormous undocumented patch dumps that can't be integrated without causing tons of regressions thanks to code nobody understands is not "sharing with your neighbours", it's grudgingly doing the absolute bare minimum you have to avoid getting sued (and to be frank, it's such a grey area if KDE was a huge corporate as well they'd probably be in court by now).
So yes the KDE developers have a right to be pissed off, just the same as you would if a partner in a business relationship used a particular reading of the fine print to screw you over.
Re:Its only the bad things we head about?
on
Safari vs. KHTML
·
· Score: 4, Informative
Is it? The last I heard of that relationship, Jordan Hubbard said FreeBSD had got a few minor bugfixes and test suites back. This quote sums up the Apple/FreeBSD relationship quite well, I think:
In his own posting to the FreeBSD mail archives dated June 25, Hubbard stated that his new "day job" would not be the end of his contributions to the FreeBSD and other projects. In his words, "Apple does fully understand the importance of FreeBSD and they don't want me or anyone else to stop working on it. FreeBSD doesn't compete with Apple's product offerings in any way and provides an excellent source of technology for them."
Is an unrealized danger of OSS that others may take your project in a direction you didn't intend?
It's not unrealized, lots of projects have forked before. I think anybody who puts their code under a license that allows forking will realize that it can happen.
Can OSS code and goals harmonize with the goals and needs of corporation designed code?
Of course it can, this happens every day. Look at the kernel, GCC, Wine, etc.
Is it that Apple mismanaged the relationship, or that the KHTML guys expected too much?
I don't think expecting documented patches or a shared bug tracker is asking too much - this is the pretty much the minimal level of co-operation most projects would expect from a corporate good citizen. Some companies go even further than that, and hire some of the core developers, sponsor conferences, provide hosting facilities etc. There are plenty of examples in the Linux community of companies doing that.
So did Apple mismanage the relationship? Arguably there is no relationship. They certainly mismanaged expectations - if they'd come straight out and the beginning and said "we're not going to co-operate" a lot of frustration would have been avoided. That would have harmed their (mostly imaginary) pro-open source image though.
I doubt there's some kind of Evil Plan to screw over KDE here, it's more likely that Apple don't care or want to help the open source community, it's just a convenient place to take code from (go see how much FreeBSD has got back from them, for instance). Open source and Linux specifically are primary competitors and they'd be foolish to help the community more than they have to. After all, they're in the business of selling proprietary operating systems.
Who exactly would Microsoft sue? It's more likely that they're telling people they'll sue customers - according to Eben Mogels linux.conf.au speech this is far more likely than lawsuits against developers. The SFLC isn't so much about defending a lawsuit, it's more about strong and credible FUD fighting.
Slashdot Mirror
I love the way that as soon as Intel adds support to allow *others* to write more effective DRM, they get jumped on, but when Apple actually writes their own it's OK because "they deliberately made it weak, because they don't believe in DRM". Uh, right. If they didn't believe in DRM then why did they get into the digital music industry in the first place?
They're all things that were imported from FreeBSD and given a GUI. The code that Apple designed and wrote themselves is hardly the model of good security. Widgets with full access to the OS that are automatically installed by the browser? How did they not see it coming?
I think one perception problem PCs have is that people spec out a machine, and shop around (like they do for anything) and find they can buy what appears to be the same machine for less somewhere else. Only then they buy it and it turns out not to be the same machine: it has a cheap modem, dodgy memory, overclocked processor (yes some machines are actually sold overclocked!) and so on. Their computer crashes three times a day, it blows chunks, Linux doesn't support the exotic hardware and they blame Windows, PCs, Linux ... anything but themselves.
Then they say, "I know, I'll buy a Mac". And while Apples build quality and support seems ... variable ... usually it works and they can feel smug and clever for being a smart consumer. If they had simply done what they'd do for any other product like a car and paid for quality and reputation over pure specs, they probably wouldn't have had any problems in the first place. In other words Apple avoid the problems of the free market and uninformed consumers by avoiding the free market entirely.
This clearly isn't the case - Apple have shipped not one but two remote code execution exploits through Safari, and there have been serious security bugs that remain unpatched for months at a time.
The problem here is that Macs are being jumped on in the same way Firefox was to get away from IE being insecure. Now Firefox is more secure than IE, that I do believe even after SP2, but it's not magically brilliant. Firefox has had security problems. Even with a very responsive security teams the moment it looked like it was seriously taking off, it was targetted.
Now Firefox was targetted and so far has been able to resist the pressure. They have good guys discovering exploits before the bad guys. The exploits are quickly patched or fixed. Apple does not give the same confidence - security seems to be lower on their agenda than the making their latest gee-whizz widgets feature convenient. What makes anybody think that a Mac is an answer to security when given a large enough herd mentality, the same problems will start appearing a year or two down the line?
Seriously. All I see here is fanboyism. Linux actually has security features like SELinux, execshield, strong privilege separation (how many Mac apps break if they can't write to their appfolder again?) and on and on. It walks the walk, whereas Apple only talk the talk.
The one you already own probably does the trick.
Let's see. On MacOS X you sometimes also need to install software by running installers, some using the Apple installer framework and others using, eg, Wise. If you want access to the world of free (as in beer) software you get with Linux you may also need fink.
On Linux you can use something like Synaptic in Ubuntu, or even better when it's available an autopackage. this is even more straightforward than the .dmg: just click the link in the web browser (1), click "Continue" at the "You are about to install" screen (2), click "Close" in the summary window at the end (3). The app is now in your menus and ready to use.
You could even argue this - when it exists - is easier than the Mac, because it's a very common newbie mistake for people to open up the self-mounting DMGs and run the program directly from there. If they like it they then drag it directly into the dock - which is, let's face it, what intuitively makes sense - and then can't figure out why clicking the dock icon pops up a Finder window. Nor can they figure out why the icon stops working once they clean up their desktop a bit.
Now it's true that on MacOS X it's still a lot easier to graphically install software most of the time as long as you understand the (undocumented) conventions because it has a head start on easy packaging. But hopefully as autopackage gathers momentum more and more software will be available in this form. Already programs like Gaim and Abiword are. So while there's a lot of work left one of the last bastions of UNIX geekery is slowly starting to fall.
This is configured automatically in Fedora Core 4 (or will be when it's out in a month or so). It's very likely that other distributions will follow suit soon afterwards.
Yes Linux has problems. Any serious Linux user or developer will admit that. But these days they're being bopped on the head with quite some speed.
I also question the logic behind MacOS X being a "fix" for security. Apples security track record is atrocious - more than once they've shipped remote code execution exploits through Safari, there have been remote root holes left unpatched for months etc etc. I mean, what makes anybody think that the Macs relative "security" is anything but a side-effect of their obscurity?
That said, I'm not totally convinced Haskell will take off even if FP does become hugely mainstream. As a language it has pretty atrocious usability. More likely, mainstream imperative languages will incorporate extensions that allow for function programming: after all, parametric polymorphism and lambda functions (sort of) already entered mainstream imperative languages.
Alternatively, something like Subtext may prove to be the way forward. All I know is I'm convinced there is a better way to do lazy function programming than Haskell ;)
Oh, and for what it's worth, while learning Haskell and Floyd-Hoare logic is mind expanding, graduates that can write code which compiles are probably more desirable long term. The free market doesn't demand languages like Java because it's McCrap, they demand it because it makes the most sense for many commercial projects (aka getting things done outside of academia).
a) Somebody needs to have bought, cracked and redistributed the media you are interested in
b) That somebody needs to be sure the files aren't watermarked. Presumably if content has been protected it's been paid for, probably by a credit card. So the leaked files could definitely (in theory) be traced back if watermarking was in use. Of course if you can detect it sometimes watermarking can be defeated too but it's a definite risk - are you willing to risk prosection for the priviledge of uploading content?
What that forum also neglects to mention is that Microsoft released an update that kills the crack. The "drmdbg" program can no longer succesfully follow the internal DLL calls inside the DRM software so it cannot extract the key. Because of the way Windows Media works, content can demand that this version of the DRM system is installed before playing so effectively cracks like this can be "closed" quite fast.
So there are two sides to DRM - on one hand, the there's no such thing as "uncrackable" DRM in the absolute sense, on the other hand it's perfectly possible to produce DRM so hard to crack nobody manages it.
Digital satellite DRM is one obvious example of that - modern smartcard security is so advanced that the rollout of new protections like P4 in the states (and I believe they now several generations ahead of what's been cracked) basically eliminated satellite TV piracy. Same is true in the UK - there is no way to pirate Sky TV.
Now, Microsoft has some very smart people working for them, their software is closed source and their DRM is constantly adapting (as the drm2wmv program showed) to close off avenues of attack as they are discovered. They don't have to make it uncrackable, they just have to make it hard and awkward enough to crack that it becomes easier/less risky to buy the content than try and pirate it.
Given that P2P networks are seedy underworlds of trojans, crap content and dodgy downloads, it's not too hard to produce a service that appeals to customers more than attempting to break the DRM does.
Ignore him, the forum is really cool. One thing - the alpha blending in the loading screen is a bit dubious, you might want to investigate having a semi-transparent PNG (with the IE DirectX magic) instead of dithering. I'd also seriously consider fixing the permalinking thing. Being able to link to forum threads is useful. Also try allowing guest postings to one of the forums....
Of course that's very cynical of us all. The original poster may have found true love in Cuba.
I work on two open source projects, one I do as a hobby and one I get paid for. For the one I get paid for, a significant chunk of time is spent doing technical support. This can be quite demoralising: there are always people for whom it simply Does Not Work and you aren't entirely sure why (usually because their system is broken or hopelessly exotic). But when you get a support ticket closed as fixed, it's quite a nice feeling. I wouldn't do it unless I was paid to though.
The one I don't get paid to work on, most of my time is spent on "boring" stuff as well like debugging, investigating other peoples goofs and writing documentation. I do that because I'm the maintainer and I like to see the project thrive and grow. It's like gardening. It can't all be planting pretty flowers all the time: somebody has to do the weeds. Well, that somebody is me, and the reward comes in the form of the final result rather than the process of getting there.
Probably the only way to do DRM on Linux succesfully is to do what the digital satellite companies have done and move it entirely into hardware: in other words, sell cheap USB speakers/headphones that accept encrypted audio and output (watermarked) analog audio. The process of recording and watermark stripping the analog audio would (hopefully) be annoying enough that the purchase price of the content seems reasonable.
Yes that's the most obvious attack, but again, how many people both have VMware and want to use it for piracy? It's not a mass market easy to use cracker. Also bear in mind that it's trivially defeated: VMware can be detected if you look for it explicitly. Just refuse to play DRMd audio if it's running inside VMware.
Or hack your drivers. All it takes is one hacked instance to unleash it.
The drivers are digitally signed after being SAP verified by Microsoft. It will refuse to play protected audio if you have unsigned drivers. You can read more about it here.
IMHO DRM and Linux don't necessarily have to be enemies. For instance take the Windows XP "Secure Audio Path". It relies on driver co-operation and essentially means the audio passes from the media player encrypted into the kernel: there's no way to get the audio out of the media player in a cleartext form. The kernel will only decrypt and forward the audio to the driver if it's SAP enabled, which means it agrees to prevent recording at the same time as playing. In other words, you can't do a "play and record simultaneously" attack using only software.
At this point somebody will point out that you can still connect two computers (or a recording device) together using a minijack-to-minijack cable and use the analog hole. Yes. But doing so is awkward and requires cables I think most casual pirates don't have. Of course you can go down to your local Radio Shack and buy one if you know what you're looking for, but fundamentally DRM is about making things awkward - it's not about totally 100% secure uncrackable systems.
Let's say that the Linux kernel implemented an equivalent to SAP. Of course you could hack the source to disable it. But even if there were widespread RPMs of the patched kernels available, how many people would take the time to track them down and use them, simply for the privilege of using up bandwidth spreading them on p2p networks? For most people DRM isn't the fundamental religious issue it is to many here on Slashdot - they use P2P systems because it's a lot easier to search, point, click than the alternative (which is usually buy a DVD box set). The more awkward it is, the fewer people will do it, and the harder it becomes to find pirate copies of new material. Having the source means you can do something, not necessarily that you will do something.
Maybe so, but in his blog he claims he contributed a lot in many other ways - by running nodes, providing hosting, even funding the project with his own money. Are you saying this isn't correct?
You can run Internet Explorer using Wine or Codeweavers Crossover. That's how I used to deal with an IE requirement where I worked, and it did the job nicely.
Those aren't the WebCore changes, they're a few minor patches made for the Acid test. The bulk of the changes do not come in that form, and that's what the KDE people are pissed off about (or more accurately, they're pissed off at Apple apologists asking them when they'll merge the changes).
No, the "preferred form" clause is the preferred form of the original developers (obviously). Patch dumps clearly aren't the preferred form according to the original developers.
Seems people like you are what Zak is pissed off about.
Apple definitely are in the business of selling operating systems, it just so happens that you have to buy their hardware to get it. How many people buy a Mac because of MacOS? Look at their website, the number of pages dedicated to the OS vs the hardware is huge. Why do you think they generate such absurd amounts of hype over new OS features like desktop widgets?
It's pretty simple:
The whole point of the LGPL is so people can "share with their neighbours". Go read the GNU manifesto some time. Enormous undocumented patch dumps that can't be integrated without causing tons of regressions thanks to code nobody understands is not "sharing with your neighbours", it's grudgingly doing the absolute bare minimum you have to avoid getting sued (and to be frank, it's such a grey area if KDE was a huge corporate as well they'd probably be in court by now).
So yes the KDE developers have a right to be pissed off, just the same as you would if a partner in a business relationship used a particular reading of the fine print to screw you over.
Taken from here.
It's not unrealized, lots of projects have forked before. I think anybody who puts their code under a license that allows forking will realize that it can happen.
Can OSS code and goals harmonize with the goals and needs of corporation designed code?
Of course it can, this happens every day. Look at the kernel, GCC, Wine, etc.
Is it that Apple mismanaged the relationship, or that the KHTML guys expected too much?
I don't think expecting documented patches or a shared bug tracker is asking too much - this is the pretty much the minimal level of co-operation most projects would expect from a corporate good citizen. Some companies go even further than that, and hire some of the core developers, sponsor conferences, provide hosting facilities etc. There are plenty of examples in the Linux community of companies doing that.
So did Apple mismanage the relationship? Arguably there is no relationship. They certainly mismanaged expectations - if they'd come straight out and the beginning and said "we're not going to co-operate" a lot of frustration would have been avoided. That would have harmed their (mostly imaginary) pro-open source image though.
I doubt there's some kind of Evil Plan to screw over KDE here, it's more likely that Apple don't care or want to help the open source community, it's just a convenient place to take code from (go see how much FreeBSD has got back from them, for instance). Open source and Linux specifically are primary competitors and they'd be foolish to help the community more than they have to. After all, they're in the business of selling proprietary operating systems.
Who exactly would Microsoft sue? It's more likely that they're telling people they'll sue customers - according to Eben Mogels linux.conf.au speech this is far more likely than lawsuits against developers. The SFLC isn't so much about defending a lawsuit, it's more about strong and credible FUD fighting.