> Ok, it may look the same, but what if I want to search through my document management systems for all documents that have terms with the specific meaning that small caps were meant to represent?
Well, I don't think you can search the Word95 documents like that, anyhow. It's a closed, proprietary and dead format. Also, if they're anything like the real documents I've seen, "looks the same" is the only thing that matters, because people are going to read legal meanings, not machines, and they won't be able to tell that this thing is one pixel smaller or one shade of gray lighter.
Moreover, the actual documents, being generated by humans, are almost certainly inconsistent. And even if generated by machine (in which case, you should still have the source data) they'll be made inconsistent if edited by humans who, again, are only going to go for "looks the same." I've yet to see anyone actually use any kind of system like yours outside of a research setting because, frankly office documents are read by humans and the searches you describe are almost useless. Who searches their documents and thinks "well, I don't remember even one phrase of the original, but I know it used a lot of bold capital letters, so I'll search for that"?
In reality, there's no use for the data they're keeping. Anything like that is because the average Office user has no idea how to create document styles and the markup isn't meaningful, it was just tweaked until they thought it looked good (even if it changes fonts three times for no reason). And even if there was, they could hide that data away in the vendor-specific area of ODF (or they could create such a thing withing OOXML... oh wait, doesn't it have anything to support non-Microsoft vendors? my bad) and give the real, useful information of how the damn thing is supposed to look with standard markup.
So the real answer to your question is this: there's nothing preventing them from keeping the data, and the only reasons to do it the way that they did are because they're lazy and can use legacy code by doing a brain-dump of existing Office formats and because this increases the cost for anyone else to use their spec. Sure, you don't "have" to implement those features. Unless you want converted OOXML documents to look right, ever.
Remember, those legacy tags will stay with the document forever. So every word processor until the end of time that uses OOXML will have to remember how all the major word processors before them did things. And that, my friends, is an incredibly stupid way to do things technically, but a great way to screw over your competitors... if you're Microsoft.
> You know as well as I do that the offer by Oasis for Microsoft to participate is disingenuous. The group is dominated by Microsoft's competitors who would do everything in their power (as evidenced by the blog articles they write on a daily basis, and legal maneuvering they keep coming up with) to sideline and make their participation in the group moot.
Oh no, beware of the bloggers? Umm, it's Microsoft who got Peter Quin fired for using ODF. It's Microsoft who is stuffing the ballot boxes here (and managed to get Sun & IBM excluded in Portugal... I'd link, but the article is in Portuguese, see Groklaw). And how can they "make it hard for Microsoft" when there are several existing, open source applications that use ODF? It's not like they can all just rewrite their code at once to screw Microsoft. It was never even made with that goal in mind; you just have your tinfoil hat on too tight.
> I believe that Microsoft would have participated in ODF if they believed their requirements for a file format would be met (ie. one that would support legacy documents and allow 100% document fidelity). I am certain they believed that participating in the Oasis group would have been a pointless exercise in futility, and they would end up with the same useless (to them, because it won't represent legacy documents) spec they have now.
There are plenty of ways to extend ODF with vendor-specific extensions. Do they really need something like, say, yet another way of word-wrapping? (Maybe, but only if they want to preserve the internals of long-dead legacy applications in every format in the future... they DO have a formatLikeWord95 flag in there, and it's not alone). But while ODF is full of open standards, Microsoft stuffed every Microsoft proprietary "standard" into OOXML.
As for why, haven't you read the Halloween memos? They've considered open protocols a threat for practically a decade now. They want them nice & proprietary so Microsoft can collect a toll on everyone using them.
> You'll want to spin this as a power struggle, and claim that Microsoft wouldn't participate because they would not have been able to control things. To that, I counter that Microsoft has participated in many standards, such as C, C++, XML itself, etc.. all without control over the working group. But the difference here is that the ODF committee was, by nature of it's makeup consisting almost entirely of their competitors, deliberately hostile to Microsoft.
Ahh, C/C++ were well outside their control. And they didn't need to control the language itself, just to have their own Windows APIs to keep control. XML is similar. Also, just who do you think isn't a Microsoft competitor? I see that you left Java off of that list, too.
> It's no surprise they decided not to participate, and develop their own XML format. ODF was never intended to support Office, and was likely positioned to make it difficult for Microsoft to do so.
The people developing ODF have their own products to support. They can't just make life miserable for Microsoft without making it hard on themselves, too. And why couldn't Microsoft's own standard have been based on ODF? They don't need anyone's approval for that! They could do it all themselves and build in what they need. And just what, pray tell, do you think they need that they can put in OOXML but not ODF? Unless you mean the garbage dump of legacy code represented by all those bugs they're carrying forward (the Excel date bug, the formatting quirks of every word processor format Office has ever been able to import, and many, many, many more).
> You really have to look at this from the political aspect, as well as the technical one. Read between the lines.
Yeah, everyone else worked together to make a format that would work for them. Microsoft said, "Screw you, I'll make my own format! With blackjack and hookers! In fact, forget the bad Futurama joke!" Then people started going for the other format instead of Micros
> You attempt to convince me that you took classes on law and are in the position to argue this but you fail to abey the principles you should have learned. you cannot have a secondary liability for infringement unless there is an infringment in the first place.
I think, and I have written so more than once now, that the person turning in the voucher could well be an infringer, because the conveyance was contrary to the GPL. But even then, I'd like to see some kind of statutory authority for that. It shouldn't be too hard to show, should it?
Even so, like I said, I go with the professor emeritus' legal opinion. IANAL and neither are you, but the lawyers all are convinced that it does and even Microsoft changed their tune once it came out. You don't think they'd waste time responding to empty legal threats, do you?
Unless I'm missing something, you still have to pay your own lawyers, no? The settlement may not be that great, but I thought this thing only got you out of court costs and that you still had legal bills to foot.
But I may have misunderstood that, so if NYCL corrects me, listen to him.
I don't see them stopping over small matters of money. Unless it's a sanction they'll have to list on every pro hac vice application from here on out, I just don't see any of the lawyers standing up and saying, "I don't think this is such a good idea."
Will they ever get in trouble for all this ex parte crap? I fear that they'll keep pulling the same tricks until they get punished for it, and no one thus far has taken any note of that Texas ruling ordering them not to join all these unrelated cases together.
> Lol. You remind me of the type of person who hates lawyers because they promised you the world in a lawsuit, you paid them everything and ended up losing. The entire Idea behind modern lawyers is to create controversy that they can settle.
That makes no sense whatsoever. Contract lawyers are supposed to PREVENT lawsuits by drawing up an ironclad contract. The people who specialize in litigation take over after that. Believe me, they're not the same lawyers and so the contract lawyers have no incentive to want people to sue over something.
I may not be a lawyer, but I did take some classes, including a little bit of contract law. If you want to convince me, you'll have to cite, you know, laws. Or at least the opinion of an attorney who is a member of the copyright bar.
> As for talking out my ass, No, And secondary liability for infringement only occurs when there is an infringement. So without the infringement, there isn't anything in violation.
There's infringement as soon as you do something the copyright holder hasn't permitted and which copyright law requires permission for. The copy is NOT legal (i.e. it's infringing) if it's made in violation of the GPL. You violate the GPL the second you procure the conveyance of a copy because copyright law requires permission for it and you don't have permission per the GPLv3. How hard is that to understand? Okay, so copyright law isn't easy to understand, but you have to realize that it covers more than just distribution, right? Right??
> This is the one of the problems around attempting to go after Microsoft. But that isn't what I was talking about. What I was talking about it the Anti Tivo clauses that won't stop companies from creating a Tivo scenario. Parts, if not all of the device can still be locked out.
That's to help software defined radios. Wouldn't really help Tivo unless they want to put a hell of a lot of ROM in there if you mean it being ineffective.
> The GPLv3 covered works cannot go back to GPLv2. OR at least that is my understanding of it. I know that there are some people who take the you must license it under this license if it is if it is derived from a covered work to mean that it would have to remain as a GPLv2 covered work but I don't buy that. The point is that the GPLv3 effort would need to be recoded in order to be used in a GPLv2 effort.
Who said they did? I said GPLv2+ is either GPLv2 or GPLv3 (or, eventually, GPLv4+) at the licensor's option. It doesn't "go back" to anything, it was always under the GPLv2 (and now can be had under the GPLv3, as well).
> And this plane is to create two versions of windows licenses where if you buy the cheaper versions, you are buying a covenant not to sue from MS that would covers your activities in any open source project. And because you purchased the affordable license instead of the expensive one, you are not barred form distributing or participating in the GPLv3 project or form using the license.
I wouldn't purchase it, to begin with. Besides, they've already put out a patent pledge for "non compensated developers" or somesuch. As much as they had open source, I don't see them going there. They prefer nice, cheap FUD to expensive lawsuits.
> Bottom line is that the GPLV3 is selfish and reckless, it doesn't do what we were told it would do, most of it will be challenged and shot down in court and when the answer to a question is ask a lawyer, it is simply to complexed and convoluted for the job.
So you're a lawyer, now? I won't go into selfish or reckless, but I'll trust the professor emeritus of law who drafted it over you. I assume the ineffective part is talk about the Novell deal. But copyright law requires copyright holder permission for more than just distribution and you apparently don't know about secondary liability for infringement, so I'll write that off as talking out your ass. Whatever else it was supposed to do and didn't I'm not sure. It's true, it doesn't (and cannot) ban all DRM, but if it did, it'd probably qualify as "selfish" to you, so whatever. The only other thing I can think of is Apache license compatibility which they DID get in the final version.
> Oh, and it is going to be the GPLv3 that imploads it. MS isn't going to place any restrictions out there, they are going to give you something and the GPLv3 is what is going to be restricting. I just think they are waiting for more projects to jump over like Samba so happily has so after the shit hits the fan, they have to go back and redo everything or attempt to find a way to convert the copyright back from GPLv3 to GPLv2 or worse yet, some other ill conceived GPLv4.
Uhh, all the GPLv2 or later stuff can be had under the GPLv2 or GPLv3 at your option. The rest is too incoherent for me to respond to. It sounds like you think the GPLv3 will alienate business. Yet Novell, IBM & co. still plan on distributing GPLv3 stuff. Imagine that? Seems there's more FUD than sense here.
I'd respond to the rest, but I have to leave now. Doesn't look like I'm missing much.
> Mostly it's an issue with admins not excluding the updates download directory.
Where IS that directory? Half the patches I see make weirdo directories in C:\ that look like GUIDs or something? And I still don't know why they never clean up after themselves.
You forgot, didn't you? The Novell / Microsoft deal has the pledge between the voucher-holder and Microsoft, with Novell out of the picture, because they'd run afoul of the GPLv2 otherwise. Now, Novell is explicitly allowed to continue distribution here because of the grandfather clause, otherwise yes, they would run into trouble.
So if someone turns in a voucher for GPLv3 code, who is the primary infringer? It seems to me that it'd be the voucher-holder. But the FSF has absolutely no interest in making trouble for them, so they'd go after the source of the problem: Microsoft and it's discriminatory software patent pledge. If they make that universal instead of discriminatory, the legal problems vanish (but so does their FUD).
IANAL, but the more I think it through, the more I understand how clever the FSF was at turning Microsoft's trick on its head. They used the trick that allowed Microsoft to step out of the picture to target only Microsoft instead of dragging Novell further into it.
After all, why would they get rid of the voucher program if they didn't think it would really cause them any legal problems?
I don't know if it's in the top 100, but the Comes v. Microsoft case materials were put in a torrent on TPB, and I believe it was my suggestion to put them there (someone on Groklaw said they'd preserved them and wanted to know what to do with them).
> Now, saying that Microsoft is at all liable for anything under GPLv3 is like saying that J.K Rowling could claim the cafe is violating her copyright. I don't need J.K. Rowling's permission to give out coupons for her book, because my cafe didn't copy it. The publisher/bookseller (I'm lumping them together to make the analogy simpler) copied it. The publisher/bookseller is is the party that needs permission to copy the book, not me. I'm just acting as a mediator to bring together someone who is licensed to sell the book with people who want the book.
Right, but say those were pirated copies of Harry Potter and you knew that. Do you think you could get away with selling those coupons (remember, SLES vouchers are sold, not given away) and claim that, although you knew that the copies were illegal, you're not at fault? Because that's what's happening here: Microsoft knows that the discriminatory patent pledge makes the copies of Suse it procures illegal if they contain GPLv3 software. That patent pledge is between Microsoft and the voucher-holder, not Novell, too, so Novell is the middle man here, not Microsoft.
Secondary liability for infringement, the same sort that sunk various P2P sites when they knowingly profited off the copyright infringement done by their users, is what puts Microsoft on the hook here. Distribution is NOT the only thing copyright law covers, folks! It's all the GPLv2 cared about, mostly because no one anticipated Microsoft's crazy legal trick. But once they studied that trick, they decided that the GPLv3 had to cover more, and therefore it had to care about secondary liability for copyright infringement. Honestly, that won't matter to anyone not trying to pull crazy tricks, but it's just enough to throw a monkey wrench into Microsoft's voucher plan.
No one is claiming that Microsoft is doing the copying. Your analogy is spot on for a GPLv2 distribution, save that the vouchers/coupons are being sold (but the "books" are legal for GPLv2). But this is why the rules have changed. And yes, copyright law really, honestly does cover that.
Mind you, IANAL, but I have read Groklaw a bit more carefully than most.
> Let's get over this one now. The "later version" thing in the GPLv2 allows the USER/CONSUMER (corportation, or individual etc.) choose which license to use.
Right, but that individual in the case of the SLES vouchers is the voucher holder, not Microsoft. Do you think that they'd stop the voucher program if they really thought they incurred no legal liability?
> Microsoft aren't selling "Download Credits". They are selling patent licenses for patents that might (Your Interpretation May Vary) otherwise be infringed by the Linux.
No, that's exactly what they've sold! The SLES vouchers are redeemed for Suse Linux and a year of support / updates per the article.
And thanks to the grandfather clause in the GPLv3, Novell is allowed to distribute the software, but Microsoft can no longer be discriminatory in who it sues with its software patents.
So my analogy was correct, you just don't understand the situation. Not that I expect anyone to read TFA around here, but it does make that clear, you know!
IANAL, but the Lexmark case, IIRC, ruled that Lexmark's "lockout device" was just too trivial to be copyrightable and that the DMCA didn't protect it. I don't recall that they lost on the grounds of copyright misuse, although if you can find the ruling, I wouldn't mind rereading it.
Anyhow, you can thank secondary liability under copyright law for the GPLv3 being able to cover that. The GPLv2 only cares about distribution, but that's not all a software license can cover, it's just that it usually doesn't make much sense to do more than that with a free software license.
Copyright law is amazingly (and oftentimes overly) broad, after all. The GPLv3 is just drawing more power from it and trying to use it to keep people like Microsoft from suing people.
You forget that Eben Moglen, a professor of law at Columbia University and general counsel for the FSF read the Novell / Microsoft agreements and drafted the GPLv3 with them in mind with the intent to undo the damage the discriminatory software patent agreements cause.
Given that he believes Microsoft is in trouble and that Microsoft *actually took notice* of the GPLv3 enough to issue an announcement, I'll have to say that while it's probably a thorny legal question, it's nowhere near as one-sided as you make it out to be.
Eben, BTW, is pretty much the foremost legal expert on the GPL. You know, having helped draft it and all. And it's not like PJ doesn't talk with lawyers about her posts. You know, like Eben...
But what the hell do I know? I just post snarky comments on Slashdot... like you do.
> She is under the impression that issuing a coupon is the same thing as distributing
No, no she's not. The GPLv2 limited itself to distribution, but copyright law has fun theories of secondary liability, etc. The GPLv3 expands the scope that it covers to something close to the full scope of what's covered by copyright law.
Did everyone but me forget just how BROAD copyright law is? It covers loads of crap. Just like I can't sell warez vouchers for Joe'z Warez Sitez which happen to be hosted in a copyright-hostile country and claim no liability, you can't "procure the conveyance" of GPLv3 software as a license dodge any more. Yes, you COULD dodge like that under the GPLv2, but only because the GPLv2 said you didn't need permission for anything but distribution. But not any more, because the GPLv3 forbids it and copyright law says you need permission.
The rules have changed, folks. The GPLv3 is stronger, because it takes advantage of the ridiculously strong copyright laws that are so prevalent. But it really shouldn't matter much unless you dislike things like compatibility with the Apache license or planned to undermine people with weird software patent threats.
You forgot just how broad copyright law is, didn't you? Before, the GPL only concerned itself with distribution, so that confusion is understandable, but the GPLv3 defined new terms to use more of that "void" between all activities covered by copyright law and mere distribution.
If you read the Groklaw article, you'll see that there are fun secondary liabilities you can give rise to under copyright law. Yes, procuring the conveyance of a copyrighted work could be infringement under copyright law if I didn't have permission from the copyright holder. Seriously, if I sold download credits to "Joe'z Warez Sitez" do people think that the copyright holder couldn't go after me? Similarly, Microsoft can't be content to have Novell do their "dirty work" for them any more because the scope of the GPL has expanded.
Now yes, this does leave us in a murky legal area. But the GPLv3 CAN cover what it's covering here, it just hasn't cared about such conduct before now. Microsoft has expensive lawyers, though, so who knows? If anyone can buy their way out of this, they can, I mean, what do a few laws cost these days? I suspect companies write it off as a cost of doing business.
Is it just me, or was that a pretty obvious fake? For one, there's no way I'd download any special download software that's only used on one site, ever. That just screams "spyware" to me, no matter how you look at it. In this case, it happened to spy for the MPAA, but I wouldn't put it past some shady download site to do the same and I wouldn't touch software like that with a 10 foot pole.
As for whether or not it's entrapment, I don't see many lawyers here. At best, I suspect it might run afoul of various anti-spyware laws, assuming any of them have teeth. Of course, not unlike the scammers who use similar tricks to get you to do something illegal (making you an accomplice, and thus someone unwilling to turn them in) they've gotten you to infringe upon someone's copyrights making it unlikely that anyone will want to come forward. But still, I wonder, would anyone sued as a result of these investigations be able to claim that the copies they downloaded were authorized by the copyright holder because of the way they put them out there? You'd think they'd be holding the weaker hand with that claim, but I wonder... they do have the money for expensive lawyers, after all.
Any bad data (e.g. using Firefox bugs but not IE bugs) is the least of it. The real problem with his research is the notion that counting vendor-acknowledged bug reports is any measure of security at all. Maybe if he'd done something like an analysis of exposure windows for critical bugs in a default install he could get somewhere, but no. We have yet another worthless bug count.
You don't need to invalidate the data if the methodology is wrong! And if the methodology is wrong, you don't need any numbers to prove it. That's the case here, but you and so many others are hung up on the bug count. Oh, he did address some of the claims and fixed the bug count. But if you'd read the title of the rebuttal on Full-Disclosure, you'd know that the problem was that he tried to measure security by counting bugs to begin with!
How are they obscure? You can't know much about security at all without knowing about people like insecure.org, SecuriTeam, or the Full-Disclosure mailing list. Or maybe you meant the author, Kristian Hermansen? They're a security researcher at Cisco, FYI. But even then, what does obscurity matter if their criticisms are valid? You could be an anonymous coward and make a valid point, after all (alas, that's merely a hypothetical because you do not).
Then you claim that the second report addressed all those issues. That's not at all true. Sure, it doesn't count Firefox bugs any more, but that's not the real problem with the study. The real problem is that counting vendor-acknowledged bugs isn't a security metric at all! That's right, it's not the least bit useful for giving either an academic or real-world measure of security. You can't rescue the original study from that flaw without redoing it and abandoning the original premise.
But I guess you wouldn't know that, because you don't know these "obscure" sites that people who know about computer security do. I mean, next thing you know, people will be citing virtual unknowns like Bruce Schneier as if they knew anything about security! Or maybe Fyodor, I bet he doesn't know a damn thing about networking. What did he ever do? Make up that silly fake application they used as a "hacking" tool in the Matrix movies? [/sarcasm]
Yeah, so did he address all the other serious flaws? Such as the whole "number of vendor acknowledged issues" != "useful security metric"? Because unless he did something radically different, his whole methodology was wrong.
You can't just subtract a few worthless bugs from the charts and turn that into a useful security metric. It just doesn't work that way. For an example of something that would be more useful, you could find all the bugs that lead to remote compromise and count the number of days it was widely known before it was patched for some definition of "widely known."
But then you end up with things like that story saying that IE 6 had critical flaws for about 9 months out of last year. Yeah, IE7 is better (hard not to be!) but still.
Just how is it inaccurate? The General Public License exists to protect the four freedoms of the software it covers. It can't shield a person from all legal liability, of course, but I don't see any major inaccuracy. Are people reading that to say that the GPL shields one from all liability? That would be a horrible misreading of the article, not an inaccuracy. The GPL most certainly does shield people from legal liability for copyright infringement when modifying the software. You know, that whole clause in the GPL that says "You are not required to agree to anything to merely use software which is licensed under the GPL. You only have obligations if you modify or distribute" and the fact that the GPL works because modification and distribution would be copyright infringement without the permission granted by the GPL?
That's right. The GPL shields you against copyright infringement claims by the GPL'd software's authors so long as you follow the rules of the GPL. It's the very source of the GPL's power; without it the GPL could not be enforced. Anyone who doesn't understand that that is how the GPL works doesn't know a damn thing about the GPL or copyright law. Which is probably why we're seeing this article here on Slashdot, huh?
Slashdot Mirror
> Ok, it may look the same, but what if I want to search through my document management systems for all documents that have terms with the specific meaning that small caps were meant to represent?
Well, I don't think you can search the Word95 documents like that, anyhow. It's a closed, proprietary and dead format. Also, if they're anything like the real documents I've seen, "looks the same" is the only thing that matters, because people are going to read legal meanings, not machines, and they won't be able to tell that this thing is one pixel smaller or one shade of gray lighter.
Moreover, the actual documents, being generated by humans, are almost certainly inconsistent. And even if generated by machine (in which case, you should still have the source data) they'll be made inconsistent if edited by humans who, again, are only going to go for "looks the same." I've yet to see anyone actually use any kind of system like yours outside of a research setting because, frankly office documents are read by humans and the searches you describe are almost useless. Who searches their documents and thinks "well, I don't remember even one phrase of the original, but I know it used a lot of bold capital letters, so I'll search for that"?
In reality, there's no use for the data they're keeping. Anything like that is because the average Office user has no idea how to create document styles and the markup isn't meaningful, it was just tweaked until they thought it looked good (even if it changes fonts three times for no reason). And even if there was, they could hide that data away in the vendor-specific area of ODF (or they could create such a thing withing OOXML... oh wait, doesn't it have anything to support non-Microsoft vendors? my bad) and give the real, useful information of how the damn thing is supposed to look with standard markup.
So the real answer to your question is this: there's nothing preventing them from keeping the data, and the only reasons to do it the way that they did are because they're lazy and can use legacy code by doing a brain-dump of existing Office formats and because this increases the cost for anyone else to use their spec. Sure, you don't "have" to implement those features. Unless you want converted OOXML documents to look right, ever.
Remember, those legacy tags will stay with the document forever. So every word processor until the end of time that uses OOXML will have to remember how all the major word processors before them did things. And that, my friends, is an incredibly stupid way to do things technically, but a great way to screw over your competitors... if you're Microsoft.
> You know as well as I do that the offer by Oasis for Microsoft to participate is disingenuous. The group is dominated by Microsoft's competitors who would do everything in their power (as evidenced by the blog articles they write on a daily basis, and legal maneuvering they keep coming up with) to sideline and make their participation in the group moot.
Oh no, beware of the bloggers? Umm, it's Microsoft who got Peter Quin fired for using ODF. It's Microsoft who is stuffing the ballot boxes here (and managed to get Sun & IBM excluded in Portugal... I'd link, but the article is in Portuguese, see Groklaw). And how can they "make it hard for Microsoft" when there are several existing, open source applications that use ODF? It's not like they can all just rewrite their code at once to screw Microsoft. It was never even made with that goal in mind; you just have your tinfoil hat on too tight.
> I believe that Microsoft would have participated in ODF if they believed their requirements for a file format would be met (ie. one that would support legacy documents and allow 100% document fidelity). I am certain they believed that participating in the Oasis group would have been a pointless exercise in futility, and they would end up with the same useless (to them, because it won't represent legacy documents) spec they have now.
There are plenty of ways to extend ODF with vendor-specific extensions. Do they really need something like, say, yet another way of word-wrapping? (Maybe, but only if they want to preserve the internals of long-dead legacy applications in every format in the future... they DO have a formatLikeWord95 flag in there, and it's not alone). But while ODF is full of open standards, Microsoft stuffed every Microsoft proprietary "standard" into OOXML.
As for why, haven't you read the Halloween memos? They've considered open protocols a threat for practically a decade now. They want them nice & proprietary so Microsoft can collect a toll on everyone using them.
> You'll want to spin this as a power struggle, and claim that Microsoft wouldn't participate because they would not have been able to control things. To that, I counter that Microsoft has participated in many standards, such as C, C++, XML itself, etc.. all without control over the working group. But the difference here is that the ODF committee was, by nature of it's makeup consisting almost entirely of their competitors, deliberately hostile to Microsoft.
Ahh, C/C++ were well outside their control. And they didn't need to control the language itself, just to have their own Windows APIs to keep control. XML is similar. Also, just who do you think isn't a Microsoft competitor? I see that you left Java off of that list, too.
> It's no surprise they decided not to participate, and develop their own XML format. ODF was never intended to support Office, and was likely positioned to make it difficult for Microsoft to do so.
The people developing ODF have their own products to support. They can't just make life miserable for Microsoft without making it hard on themselves, too. And why couldn't Microsoft's own standard have been based on ODF? They don't need anyone's approval for that! They could do it all themselves and build in what they need. And just what, pray tell, do you think they need that they can put in OOXML but not ODF? Unless you mean the garbage dump of legacy code represented by all those bugs they're carrying forward (the Excel date bug, the formatting quirks of every word processor format Office has ever been able to import, and many, many, many more).
> You really have to look at this from the political aspect, as well as the technical one. Read between the lines.
Yeah, everyone else worked together to make a format that would work for them. Microsoft said, "Screw you, I'll make my own format! With blackjack and hookers! In fact, forget the bad Futurama joke!" Then people started going for the other format instead of Micros
> You attempt to convince me that you took classes on law and are in the position to argue this but you fail to abey the principles you should have learned. you cannot have a secondary liability for infringement unless there is an infringment in the first place.
I think, and I have written so more than once now, that the person turning in the voucher could well be an infringer, because the conveyance was contrary to the GPL. But even then, I'd like to see some kind of statutory authority for that. It shouldn't be too hard to show, should it?
Even so, like I said, I go with the professor emeritus' legal opinion. IANAL and neither are you, but the lawyers all are convinced that it does and even Microsoft changed their tune once it came out. You don't think they'd waste time responding to empty legal threats, do you?
Unless I'm missing something, you still have to pay your own lawyers, no? The settlement may not be that great, but I thought this thing only got you out of court costs and that you still had legal bills to foot.
But I may have misunderstood that, so if NYCL corrects me, listen to him.
I don't see them stopping over small matters of money. Unless it's a sanction they'll have to list on every pro hac vice application from here on out, I just don't see any of the lawyers standing up and saying, "I don't think this is such a good idea."
Will they ever get in trouble for all this ex parte crap? I fear that they'll keep pulling the same tricks until they get punished for it, and no one thus far has taken any note of that Texas ruling ordering them not to join all these unrelated cases together.
> Lol. You remind me of the type of person who hates lawyers because they promised you the world in a lawsuit, you paid them everything and ended up losing. The entire Idea behind modern lawyers is to create controversy that they can settle.
That makes no sense whatsoever. Contract lawyers are supposed to PREVENT lawsuits by drawing up an ironclad contract. The people who specialize in litigation take over after that. Believe me, they're not the same lawyers and so the contract lawyers have no incentive to want people to sue over something.
I may not be a lawyer, but I did take some classes, including a little bit of contract law. If you want to convince me, you'll have to cite, you know, laws. Or at least the opinion of an attorney who is a member of the copyright bar.
> As for talking out my ass, No, And secondary liability for infringement only occurs when there is an infringement. So without the infringement, there isn't anything in violation.
There's infringement as soon as you do something the copyright holder hasn't permitted and which copyright law requires permission for. The copy is NOT legal (i.e. it's infringing) if it's made in violation of the GPL. You violate the GPL the second you procure the conveyance of a copy because copyright law requires permission for it and you don't have permission per the GPLv3. How hard is that to understand? Okay, so copyright law isn't easy to understand, but you have to realize that it covers more than just distribution, right? Right??
> This is the one of the problems around attempting to go after Microsoft. But that isn't what I was talking about. What I was talking about it the Anti Tivo clauses that won't stop companies from creating a Tivo scenario. Parts, if not all of the device can still be locked out.
That's to help software defined radios. Wouldn't really help Tivo unless they want to put a hell of a lot of ROM in there if you mean it being ineffective.
> The GPLv3 covered works cannot go back to GPLv2. OR at least that is my understanding of it. I know that there are some people who take the you must license it under this license if it is if it is derived from a covered work to mean that it would have to remain as a GPLv2 covered work but I don't buy that. The point is that the GPLv3 effort would need to be recoded in order to be used in a GPLv2 effort.
Who said they did? I said GPLv2+ is either GPLv2 or GPLv3 (or, eventually, GPLv4+) at the licensor's option. It doesn't "go back" to anything, it was always under the GPLv2 (and now can be had under the GPLv3, as well).
> And this plane is to create two versions of windows licenses where if you buy the cheaper versions, you are buying a covenant not to sue from MS that would covers your activities in any open source project. And because you purchased the affordable license instead of the expensive one, you are not barred form distributing or participating in the GPLv3 project or form using the license.
I wouldn't purchase it, to begin with. Besides, they've already put out a patent pledge for "non compensated developers" or somesuch. As much as they had open source, I don't see them going there. They prefer nice, cheap FUD to expensive lawsuits.
> Bottom line is that the GPLV3 is selfish and reckless, it doesn't do what we were told it would do, most of it will be challenged and shot down in court and when the answer to a question is ask a lawyer, it is simply to complexed and convoluted for the job.
So you're a lawyer, now? I won't go into selfish or reckless, but I'll trust the professor emeritus of law who drafted it over you. I assume the ineffective part is talk about the Novell deal. But copyright law requires copyright holder permission for more than just distribution and you apparently don't know about secondary liability for infringement, so I'll write that off as talking out your ass. Whatever else it was supposed to do and didn't I'm not sure. It's true, it doesn't (and cannot) ban all DRM, but if it did, it'd probably qualify as "selfish" to you, so whatever. The only other thing I can think of is Apache license compatibility which they DID get in the final version.
> Oh, and it is going to be the GPLv3 that imploads it. MS isn't going to place any restrictions out there, they are going to give you something and the GPLv3 is what is going to be restricting. I just think they are waiting for more projects to jump over like Samba so happily has so after the shit hits the fan, they have to go back and redo everything or attempt to find a way to convert the copyright back from GPLv3 to GPLv2 or worse yet, some other ill conceived GPLv4.
Uhh, all the GPLv2 or later stuff can be had under the GPLv2 or GPLv3 at your option. The rest is too incoherent for me to respond to. It sounds like you think the GPLv3 will alienate business. Yet Novell, IBM & co. still plan on distributing GPLv3 stuff. Imagine that? Seems there's more FUD than sense here.
I'd respond to the rest, but I have to leave now. Doesn't look like I'm missing much.
> Mostly it's an issue with admins not excluding the updates download directory.
Where IS that directory? Half the patches I see make weirdo directories in C:\ that look like GUIDs or something? And I still don't know why they never clean up after themselves.
You forgot, didn't you? The Novell / Microsoft deal has the pledge between the voucher-holder and Microsoft, with Novell out of the picture, because they'd run afoul of the GPLv2 otherwise. Now, Novell is explicitly allowed to continue distribution here because of the grandfather clause, otherwise yes, they would run into trouble.
So if someone turns in a voucher for GPLv3 code, who is the primary infringer? It seems to me that it'd be the voucher-holder. But the FSF has absolutely no interest in making trouble for them, so they'd go after the source of the problem: Microsoft and it's discriminatory software patent pledge. If they make that universal instead of discriminatory, the legal problems vanish (but so does their FUD).
IANAL, but the more I think it through, the more I understand how clever the FSF was at turning Microsoft's trick on its head. They used the trick that allowed Microsoft to step out of the picture to target only Microsoft instead of dragging Novell further into it.
After all, why would they get rid of the voucher program if they didn't think it would really cause them any legal problems?
I don't know if it's in the top 100, but the Comes v. Microsoft case materials were put in a torrent on TPB, and I believe it was my suggestion to put them there (someone on Groklaw said they'd preserved them and wanted to know what to do with them).
> Now, saying that Microsoft is at all liable for anything under GPLv3 is like saying that J.K Rowling could claim the cafe is violating her copyright. I don't need J.K. Rowling's permission to give out coupons for her book, because my cafe didn't copy it. The publisher/bookseller (I'm lumping them together to make the analogy simpler) copied it. The publisher/bookseller is is the party that needs permission to copy the book, not me. I'm just acting as a mediator to bring together someone who is licensed to sell the book with people who want the book.
Right, but say those were pirated copies of Harry Potter and you knew that. Do you think you could get away with selling those coupons (remember, SLES vouchers are sold, not given away) and claim that, although you knew that the copies were illegal, you're not at fault? Because that's what's happening here: Microsoft knows that the discriminatory patent pledge makes the copies of Suse it procures illegal if they contain GPLv3 software. That patent pledge is between Microsoft and the voucher-holder, not Novell, too, so Novell is the middle man here, not Microsoft.
Secondary liability for infringement, the same sort that sunk various P2P sites when they knowingly profited off the copyright infringement done by their users, is what puts Microsoft on the hook here. Distribution is NOT the only thing copyright law covers, folks! It's all the GPLv2 cared about, mostly because no one anticipated Microsoft's crazy legal trick. But once they studied that trick, they decided that the GPLv3 had to cover more, and therefore it had to care about secondary liability for copyright infringement. Honestly, that won't matter to anyone not trying to pull crazy tricks, but it's just enough to throw a monkey wrench into Microsoft's voucher plan.
No one is claiming that Microsoft is doing the copying. Your analogy is spot on for a GPLv2 distribution, save that the vouchers/coupons are being sold (but the "books" are legal for GPLv2). But this is why the rules have changed. And yes, copyright law really, honestly does cover that.
Mind you, IANAL, but I have read Groklaw a bit more carefully than most.
> Let's get over this one now. The "later version" thing in the GPLv2 allows the USER/CONSUMER (corportation, or individual etc.) choose which license to use.
Right, but that individual in the case of the SLES vouchers is the voucher holder, not Microsoft. Do you think that they'd stop the voucher program if they really thought they incurred no legal liability?
> Microsoft aren't selling "Download Credits". They are selling patent licenses for patents that might (Your Interpretation May Vary) otherwise be infringed by the Linux.
No, that's exactly what they've sold! The SLES vouchers are redeemed for Suse Linux and a year of support / updates per the article.
And thanks to the grandfather clause in the GPLv3, Novell is allowed to distribute the software, but Microsoft can no longer be discriminatory in who it sues with its software patents.
So my analogy was correct, you just don't understand the situation. Not that I expect anyone to read TFA around here, but it does make that clear, you know!
IANAL, but the Lexmark case, IIRC, ruled that Lexmark's "lockout device" was just too trivial to be copyrightable and that the DMCA didn't protect it. I don't recall that they lost on the grounds of copyright misuse, although if you can find the ruling, I wouldn't mind rereading it.
Anyhow, you can thank secondary liability under copyright law for the GPLv3 being able to cover that. The GPLv2 only cares about distribution, but that's not all a software license can cover, it's just that it usually doesn't make much sense to do more than that with a free software license.
Copyright law is amazingly (and oftentimes overly) broad, after all. The GPLv3 is just drawing more power from it and trying to use it to keep people like Microsoft from suing people.
You forget that Eben Moglen, a professor of law at Columbia University and general counsel for the FSF read the Novell / Microsoft agreements and drafted the GPLv3 with them in mind with the intent to undo the damage the discriminatory software patent agreements cause.
Given that he believes Microsoft is in trouble and that Microsoft *actually took notice* of the GPLv3 enough to issue an announcement, I'll have to say that while it's probably a thorny legal question, it's nowhere near as one-sided as you make it out to be.
Eben, BTW, is pretty much the foremost legal expert on the GPL. You know, having helped draft it and all. And it's not like PJ doesn't talk with lawyers about her posts. You know, like Eben...
But what the hell do I know? I just post snarky comments on Slashdot... like you do.
> She is under the impression that issuing a coupon is the same thing as distributing
No, no she's not. The GPLv2 limited itself to distribution, but copyright law has fun theories of secondary liability, etc. The GPLv3 expands the scope that it covers to something close to the full scope of what's covered by copyright law.
Did everyone but me forget just how BROAD copyright law is? It covers loads of crap. Just like I can't sell warez vouchers for Joe'z Warez Sitez which happen to be hosted in a copyright-hostile country and claim no liability, you can't "procure the conveyance" of GPLv3 software as a license dodge any more. Yes, you COULD dodge like that under the GPLv2, but only because the GPLv2 said you didn't need permission for anything but distribution. But not any more, because the GPLv3 forbids it and copyright law says you need permission.
The rules have changed, folks. The GPLv3 is stronger, because it takes advantage of the ridiculously strong copyright laws that are so prevalent. But it really shouldn't matter much unless you dislike things like compatibility with the Apache license or planned to undermine people with weird software patent threats.
You forgot just how broad copyright law is, didn't you? Before, the GPL only concerned itself with distribution, so that confusion is understandable, but the GPLv3 defined new terms to use more of that "void" between all activities covered by copyright law and mere distribution.
If you read the Groklaw article, you'll see that there are fun secondary liabilities you can give rise to under copyright law. Yes, procuring the conveyance of a copyrighted work could be infringement under copyright law if I didn't have permission from the copyright holder. Seriously, if I sold download credits to "Joe'z Warez Sitez" do people think that the copyright holder couldn't go after me? Similarly, Microsoft can't be content to have Novell do their "dirty work" for them any more because the scope of the GPL has expanded.
Now yes, this does leave us in a murky legal area. But the GPLv3 CAN cover what it's covering here, it just hasn't cared about such conduct before now. Microsoft has expensive lawyers, though, so who knows? If anyone can buy their way out of this, they can, I mean, what do a few laws cost these days? I suspect companies write it off as a cost of doing business.
Is it just me, or was that a pretty obvious fake? For one, there's no way I'd download any special download software that's only used on one site, ever. That just screams "spyware" to me, no matter how you look at it. In this case, it happened to spy for the MPAA, but I wouldn't put it past some shady download site to do the same and I wouldn't touch software like that with a 10 foot pole.
As for whether or not it's entrapment, I don't see many lawyers here. At best, I suspect it might run afoul of various anti-spyware laws, assuming any of them have teeth. Of course, not unlike the scammers who use similar tricks to get you to do something illegal (making you an accomplice, and thus someone unwilling to turn them in) they've gotten you to infringe upon someone's copyrights making it unlikely that anyone will want to come forward. But still, I wonder, would anyone sued as a result of these investigations be able to claim that the copies they downloaded were authorized by the copyright holder because of the way they put them out there? You'd think they'd be holding the weaker hand with that claim, but I wonder... they do have the money for expensive lawyers, after all.
Just how many non-commercial uses are there for cart locking systems, anyhow?
Any bad data (e.g. using Firefox bugs but not IE bugs) is the least of it. The real problem with his research is the notion that counting vendor-acknowledged bug reports is any measure of security at all. Maybe if he'd done something like an analysis of exposure windows for critical bugs in a default install he could get somewhere, but no. We have yet another worthless bug count.
You don't need to invalidate the data if the methodology is wrong! And if the methodology is wrong, you don't need any numbers to prove it. That's the case here, but you and so many others are hung up on the bug count. Oh, he did address some of the claims and fixed the bug count. But if you'd read the title of the rebuttal on Full-Disclosure, you'd know that the problem was that he tried to measure security by counting bugs to begin with!
How are they obscure? You can't know much about security at all without knowing about people like insecure.org, SecuriTeam, or the Full-Disclosure mailing list. Or maybe you meant the author, Kristian Hermansen? They're a security researcher at Cisco, FYI. But even then, what does obscurity matter if their criticisms are valid? You could be an anonymous coward and make a valid point, after all (alas, that's merely a hypothetical because you do not).
Then you claim that the second report addressed all those issues. That's not at all true. Sure, it doesn't count Firefox bugs any more, but that's not the real problem with the study. The real problem is that counting vendor-acknowledged bugs isn't a security metric at all! That's right, it's not the least bit useful for giving either an academic or real-world measure of security. You can't rescue the original study from that flaw without redoing it and abandoning the original premise.
But I guess you wouldn't know that, because you don't know these "obscure" sites that people who know about computer security do. I mean, next thing you know, people will be citing virtual unknowns like Bruce Schneier as if they knew anything about security! Or maybe Fyodor, I bet he doesn't know a damn thing about networking. What did he ever do? Make up that silly fake application they used as a "hacking" tool in the Matrix movies? [/sarcasm]
> This just debunks the first report.
Yeah, so did he address all the other serious flaws? Such as the whole "number of vendor acknowledged issues" != "useful security metric"? Because unless he did something radically different, his whole methodology was wrong.
You can't just subtract a few worthless bugs from the charts and turn that into a useful security metric. It just doesn't work that way. For an example of something that would be more useful, you could find all the bugs that lead to remote compromise and count the number of days it was widely known before it was patched for some definition of "widely known."
But then you end up with things like that story saying that IE 6 had critical flaws for about 9 months out of last year. Yeah, IE7 is better (hard not to be!) but still.
If you have a GPL tattoo, do you get any women by claiming "Hey baby! Derivative works are free!"
:]
Yeah, I really didn't think so...
Just how is it inaccurate? The General Public License exists to protect the four freedoms of the software it covers. It can't shield a person from all legal liability, of course, but I don't see any major inaccuracy. Are people reading that to say that the GPL shields one from all liability? That would be a horrible misreading of the article, not an inaccuracy. The GPL most certainly does shield people from legal liability for copyright infringement when modifying the software. You know, that whole clause in the GPL that says "You are not required to agree to anything to merely use software which is licensed under the GPL. You only have obligations if you modify or distribute" and the fact that the GPL works because modification and distribution would be copyright infringement without the permission granted by the GPL?
That's right. The GPL shields you against copyright infringement claims by the GPL'd software's authors so long as you follow the rules of the GPL. It's the very source of the GPL's power; without it the GPL could not be enforced. Anyone who doesn't understand that that is how the GPL works doesn't know a damn thing about the GPL or copyright law. Which is probably why we're seeing this article here on Slashdot, huh?