So the bum stops being honest, and says "I need money so I can buy food." That's what makes him a jerk.
I don't disagree that he's a bit of a jerk, but that also makes you a gullible fool. I'm not trying to be insulting, but rather to make the point that it's foolish to hold expectations about the use of something you give to someone else if those expectation aren't made clear, and (more importantly?) enforced by some means.
Now imagine, if you will, the guy with the field turning on the kids and saying, essentially, "All your balls are belong to us." You can't come play ball anymore unless you rent your own equipment back from me.
Except that's not what happened. This analogy doesn't really work since you can't copy physical objects as easily as data, but what *really* happened here is that the guy with the field turns to the kids and says, "Here's all your equipment; you can't use my field anymore, but you're welcome to take your stuff and go find another field to play on. Oh, and here's the sound system I was using to run the announcer's booth. You can use that in your new field as well if you'd like."
(Of course, in the real situation, CDDB/Gracenote kept a "copy" of the "equipment" to use for themselves as well, but FreeDB started with a copy of CDDB's submission database and CDDB's GPLed server query/database software.)
Freedb only exists because people built it from scratch after CDDB started charging.
RTFA. FreeDB is based on a snapshot of the CDDB database taken when CDDB went private (all the current data was released to the public at that point), and the FreeDB query engine and software started off as CDDB's software (new versions of which were released under the GPL until CDDB went private). FreeDB was most definitely not "from scratch." If you read FreeDB's about page, they even give credit to Steve Scherf, the guy in the interview who wrote the original CDDB software.
What would you say if Freedb suddenly locked down and started charging?
I'd say it was a shame, but they're perfectly within their right to do that. On the above-referenced about page, they say all data they accept must be GPL-licensed. They're perfectly within their rights to charge for access to it (though they can't prevent anyone else from starting a new free service based on their data). If it's a choice between FreeDB shutting down because they can't pay for hosting and bandwidth, or charging for the service, they might as well try to stay afloat if people will pay for it.
While you're right that legally Gracenote did nothing wrong, morally their actions were pretty nasty, because they took all the information that the community input into their database *for free* and then started making a profit out of it without giving back to the community. And "all the data you input up until we went commercial is here for you to use" doesn't count.
Why not? They had a choice to make: become irrelevant and possibly have to shut down, or go private. Given the better of the two choices, I think he made a best-faith effort to take everything that had been done up to that point, and keep it in the community (that's where FreeDB came from).
Really, I just don't understand the sense of entitlement many people have. I submitted many CD track lists to the old CDDB, and while it's a shame I can't access the newer service for free, everything I submitted (well, unless it was improved) is still available for free. If you're going to give away your time for free, why should you expect anything in return? Perhaps I'm just overly cynical, though.
Imagine if Wikipedia suddenly said "well, so long and thanks for all the fish, we're going commercial, oh and by the way, here's the archive of all your contributions so far, feel free to use it for whatever while I become a billionaire". Legal? yes. Feels right? nope.
Actually, no, that wouldn't be legal. Or at least, there's probably a way to do it legally, but it wouldn't be practically feasible. All Wikipedia contributions are required to be licensed under the GFDL. Wikipedia could certainly "go private" as you describe if they wanted to, but they couldn't prevent future "subscribed" users from taking all new content from that point and releasing it back to the community. Wikipedia could potentially change the terms under which new submissions are accepted (though the old submissions would still be GFDL-licensed), but that would create a legal mess, and enough negative feeling in the community that I doubt many people would care to contribute.
That actually brings up a good point, though. Under what terms were submissions accepted into the old pre-privatised CDDB? If CDDB required submissions to be put into the public domain, or copyright to be assigned to CDDB, or licensed to CDDB under terms that basically say "you still own it, but you give CDDB the right to do whatever they want with it," then really, what do you expect? If you contribute to something, make sure you know what the receiving entity is allowed to do with it. If you're not happy with the terms, don't contribute. The guy in the interview mentioned that the bulk of CDDB data still comes from user submissions, so clearly there's a large body of people who have no problem with what they're doing. (Or who don't know, and don't care.)
On the other hand, if the original CDDB submission terms kept most rights in the hands of the submitter, people might have a case against present-day Gracenote...
All the CDDB data that users contributed was *locked up* by Gracenote.
No, it wasn't. If you RTFA (yeah, I know, no one does), when CDDB went private, all of the data that was in the database was released to FreeDB. Of course, further additions and improvements to Gracenote/CDDB weren't released.
Now, I don't remember what the original submission disclaimer for CDDB was, but I don't see anything legally -- or morally -- wrong with what Gracenote has done. At least, after RTFAing, I don't anymore. That's assuming this guy is telling the truth, anyway.
True, and for those people, switching to 'nv' doesn't help them out. I'm just pointing out that saying that the security bulletin's workaround is "useless" is disingenuous at best.
What other workaround would you suggest? Currently the only known method of 'patching' this exploit is to just not use the driver at all. Though you can mitigate its severity by only using it on machines not directly accessible from the internet. Thanks, nvidia, for your closed-source driver, and lack of desire to fix a remote root exploit for *two* years.
The original poster made a blanket statement that "use 'nv' instead" was useless. He did not qualify it, so therefore it is safe to assume he meant "for everyone". Clearly, that is false. That's all I was pointing out. And unless you have figures to back up your assertion that "millions" of people who use nvidia cards on Linux have a need for the 3D acceleration, and there are very few who don't, you really can't refute my belief that there's a significant number of people who don't care about the 3D-accel features. I'm not saying they're anywhere near as numerous as those who do, but... well, blanket generalisations are, to borrow a word, useless.
Personally, I don't care so much about the HW-accelerated GL support the nvidia binary driver supplies. I only use it for the 2D acceleration (which, ironically, I usually don't use as it renders my system somewhat unstable). So for some of us, switching to the open source 'nv' driver is quite feasible.
I really think that the only real solution to the problem of game developers not developing for Linux will only be solved when a Linux-only game company starts up.
Tell that to Loki... Though, to be fair, they mostly did ports of existing Windows games, and I don't think wrote any original titles (though I could be mistaken).
I guess what I'm now wondering is... if TD Waterhouse/Ameritrade is willing to go and buy lists of competitors' customers' email addresses and then start spamming them, are they trustworthy enough not to sell out their own customers? Not saying that one implies the other, but IMHO both are at minimum somewhat-sketchy practices.
I think another interesting point is that they don't mention on which side of the call is the suspected member/agent of Al Qaida. What if they suspect that the person on the US side of the call, who is potentially also a US citizen, is the member/agent of Al Qaida? Then, regardless of with whom they are talking, the NSA has just illegally tapped the phone of a domestic US citizen. The "international" part is moot here.
Isn't that like saying that the immune system is not a solution for diseases, only a useful stop-gap?;)
No, I think that's correct. A real "solution" to disease would be to eradicate all viruses and disease-causing bacteria. The human immune system (which is often "trained" against different diseases by using vaccines) is merely a last defense if a disease actually gets into your body.
Or you could have googled "startx.exe", and the first link would tell you what it is. We all know what they say about what happens when you assume things. And why would you try to apply Unix/Linux knowledge to Windows, anyway?
According to the CIA World Factbook, Taiwan has an unemployment rate under 5%, with 0.9% of the population living below the poverty line.
If the job is half as bad as this report makes it out to be, then everybody doing it is a complete tard for not changing jobs. Which do you suppose is the case?
Despite what China would like you to believe, China != Taiwan. You can't really compare the two on economic terms.
Reports about someone earning "X" per month are meaningless out of context. How much, exactly, do other workers in their locale earn? What is the overall cost of living? (Yes, I'm aware that the article makes reference to food and rent consuming "half" their salary.)
Hell, I wish my living expenses only cost half my salary. I'd be rich by now considering how much I'd be able to save and invest.
I read it as "pay" instead of "play", and figured the lawyers had been bickering for so long, the judge ordered them to give their clients their money back.
Do you have any sources to support this? I'm not saying you're lying or spreading FUD, but "random guy posting on Slashdot" does not an authoritative source make.
What I want is what you can get at most dedicated server providers: a 10 Mbps full duplex port in and out with a 1500 GB monthly bandwidth cap, no blocked ports, and a/29 subnet allocation. If they can offer that for $85-$150 a month including a server rental then surely a telco or cable provider can provide that level of bandwidth too. Give the Internet back to the people with affordable bandwidth and symmetric connectivity.
I'd love that too (and I'd absolutely pay $150/mo for it), but the dedicated/colo providers don't need to schlep that data from your house to the central office. They just have to push bits around their data center, and then in and out of their fat pipe(s). It's a bit of a different ball game than having thousands/millions of individual lines out from the central offices to each house. At least, it is with the current infrastructure available in the US.
Not to mention that the market for that is pretty small. Most people will be satisifed with a reasonably high downlink and much lower uplink for $30-50/mo, even if it's shared. For good or ill, product offerings are generally shaped by market forces...
We can solve this problem today and SPF is an important component of that. If you email server automatically refuses mail from servers that don't have an SPF record it will immediately stop email from all zombies.
Repeat after me: SPF does not prevent spam.
All SPF does is allow a recipient to verify that mail claiming to come from example.com actually does come from a mail server authorised by the owners of the example.com domain to send mail. Sure, that solves the zombie problem, but there are plenty of other avenues open to the spammer.
Hypothetical spammer registers nastyspammer.com, sets up smtp.nastyspammer.com, and sets up a SPF record in their DNS saying that smtp.nastyspammer.com is authorised to send mail for nastyspammer.com. The recipient mail servers won't reject the mail based on an SPF lookup, because everything's legit.
So now what? Well, you can blacklist the nastyspammer.com domain. But then the spammers just register another domain. And another. And another.
SPF is only a piece of the puzzle. The rest of it hasn't been filled in yet.
I agree with the grandparent, the Linux community should get down on their knees and thank NVidia and ATI that they have any drivers at all.
I'm running Linux on a PowerBook with an nvidia chipset. There is no driver for this sw/hw combination from nvidia. Who am I thanking again?
Oh right, I'm in the minority, so the closed-source software gods see no reason to support me. Wait... what's that? If we had a quality accelerated open source driver for nvidia chipsets, it would be quickly ported to my architecture by a team of volunteers? Well, wouldn't that be amazing. Too bad about that, though.
Sorry, but I write my own software when I have a need for something that doesn't exist. I'm sure as hell not getting down on my knees to thank some faceless corporation who only cares about me insofar as it can make money off me. Not that I fault them for that, but I value my own principles too much. Your principles differ: I get that. But please recognise that people feel differently than you do about all this, and our viewpoint is just as valid.
This is the point I keep trying to make! Linux users who don't want other people to use their OS are, by my definition, elitist.
I think you're still missing the point, and you're mischaracterising the situation. It's not that these Linux users actively don't want other people to use Linux. It's just that they really don't care if other people use it or not. We want to use it and develop it under our terms. If those terms aren't acceptable to you, that's fine. You don't have to use it. We're not forcing you to use it, and there are currently enough people who are like-minded to us to keep the OS actively developed. We're banking on the hope that this situation will maintain itself, and so far it seems to be a pretty good bet. You may disagree with all this, but frankly, we don't care. It's your prerogative to disagree, but it's also ours to ignore you.
The ironic thing here is that you are advocating Windows, which has ridiculously-restrictive policies on redistribution and modification (ever actually read the EULA?). Linux, in comparison, is the epitome of permissivity.
The kernel headers contain declarations for kernel functions, structures, and macros. They don't actually produce any object code that is linked in the binary.
Some of them do produce object code in the form of inline functions in the headers. I'm not sure if nvidia's drivers include any headers that contain inline functions, though.
That's preposterous. You're assuming that the only type of error that will ever occur in a kernel driver is a catastrophic one. What if the driver just doesn't behave as it should?
So say we have this nuclear reactor, and its control system uses a microkernel architecture. Let's say the hardware has these sensors for detecting if the reactor is overheating. Let's say the driver for these sensors is running in userspace (i.e., not inside the microkernel). Let's also say that the microkernel itself was proved to be correct, but the user-space portions (including this sensor driver) were not.
So what happens when a certain input causes the sensor driver to report incorrect temperature values? Oh, right, you didn't prove the sensor driver's correctness, because for some reason it doesn't matter anymore. I'm sure the people living by the nuclear reactor won't mind the radiation. They'll think it's great that the failure wasn't because the control system crashed, and it's OK that the programmers didn't bother to verify that the system actually worked properly.
How many of us (who have all bashed Microsoft fairly and unfairly) would not drop our current job to take a position at Microsoft? I know that I would.
I interviewed with Microsoft a month or so ago (they contacted me; I wasn't looking), and decided not to pursue a 2nd-level interview after being asked to do one. Just because you'd do something, it doesn't mean everyone else would. (By the same token, just because I wouldn't do something, it doesn't mean everyone else wouldn't. Our tiny sample size here is useless to draw any kind of conclusion.)
Slashdot Mirror
(Of course, in the real situation, CDDB/Gracenote kept a "copy" of the "equipment" to use for themselves as well, but FreeDB started with a copy of CDDB's submission database and CDDB's GPLed server query/database software.)
Really, I just don't understand the sense of entitlement many people have. I submitted many CD track lists to the old CDDB, and while it's a shame I can't access the newer service for free, everything I submitted (well, unless it was improved) is still available for free. If you're going to give away your time for free, why should you expect anything in return? Perhaps I'm just overly cynical, though. Actually, no, that wouldn't be legal. Or at least, there's probably a way to do it legally, but it wouldn't be practically feasible. All Wikipedia contributions are required to be licensed under the GFDL. Wikipedia could certainly "go private" as you describe if they wanted to, but they couldn't prevent future "subscribed" users from taking all new content from that point and releasing it back to the community. Wikipedia could potentially change the terms under which new submissions are accepted (though the old submissions would still be GFDL-licensed), but that would create a legal mess, and enough negative feeling in the community that I doubt many people would care to contribute.
That actually brings up a good point, though. Under what terms were submissions accepted into the old pre-privatised CDDB? If CDDB required submissions to be put into the public domain, or copyright to be assigned to CDDB, or licensed to CDDB under terms that basically say "you still own it, but you give CDDB the right to do whatever they want with it," then really, what do you expect? If you contribute to something, make sure you know what the receiving entity is allowed to do with it. If you're not happy with the terms, don't contribute. The guy in the interview mentioned that the bulk of CDDB data still comes from user submissions, so clearly there's a large body of people who have no problem with what they're doing. (Or who don't know, and don't care.)
On the other hand, if the original CDDB submission terms kept most rights in the hands of the submitter, people might have a case against present-day Gracenote...
Now, I don't remember what the original submission disclaimer for CDDB was, but I don't see anything legally -- or morally -- wrong with what Gracenote has done. At least, after RTFAing, I don't anymore. That's assuming this guy is telling the truth, anyway.
True, and for those people, switching to 'nv' doesn't help them out. I'm just pointing out that saying that the security bulletin's workaround is "useless" is disingenuous at best.
What other workaround would you suggest? Currently the only known method of 'patching' this exploit is to just not use the driver at all. Though you can mitigate its severity by only using it on machines not directly accessible from the internet. Thanks, nvidia, for your closed-source driver, and lack of desire to fix a remote root exploit for *two* years.
The original poster made a blanket statement that "use 'nv' instead" was useless. He did not qualify it, so therefore it is safe to assume he meant "for everyone". Clearly, that is false. That's all I was pointing out. And unless you have figures to back up your assertion that "millions" of people who use nvidia cards on Linux have a need for the 3D acceleration, and there are very few who don't, you really can't refute my belief that there's a significant number of people who don't care about the 3D-accel features. I'm not saying they're anywhere near as numerous as those who do, but... well, blanket generalisations are, to borrow a word, useless.
Personally, I don't care so much about the HW-accelerated GL support the nvidia binary driver supplies. I only use it for the 2D acceleration (which, ironically, I usually don't use as it renders my system somewhat unstable). So for some of us, switching to the open source 'nv' driver is quite feasible.
I guess what I'm now wondering is... if TD Waterhouse/Ameritrade is willing to go and buy lists of competitors' customers' email addresses and then start spamming them, are they trustworthy enough not to sell out their own customers? Not saying that one implies the other, but IMHO both are at minimum somewhat-sketchy practices.
Seriously, have you even read the other posts that you've written?
I think another interesting point is that they don't mention on which side of the call is the suspected member/agent of Al Qaida. What if they suspect that the person on the US side of the call, who is potentially also a US citizen, is the member/agent of Al Qaida? Then, regardless of with whom they are talking, the NSA has just illegally tapped the phone of a domestic US citizen. The "international" part is moot here.
Or you could have googled "startx.exe", and the first link would tell you what it is. We all know what they say about what happens when you assume things. And why would you try to apply Unix/Linux knowledge to Windows, anyway?
I read it as "pay" instead of "play", and figured the lawyers had been bickering for so long, the judge ordered them to give their clients their money back.
Do you have any sources to support this? I'm not saying you're lying or spreading FUD, but "random guy posting on Slashdot" does not an authoritative source make.
Not to mention that the market for that is pretty small. Most people will be satisifed with a reasonably high downlink and much lower uplink for $30-50/mo, even if it's shared. For good or ill, product offerings are generally shaped by market forces...
All SPF does is allow a recipient to verify that mail claiming to come from example.com actually does come from a mail server authorised by the owners of the example.com domain to send mail. Sure, that solves the zombie problem, but there are plenty of other avenues open to the spammer.
Hypothetical spammer registers nastyspammer.com, sets up smtp.nastyspammer.com, and sets up a SPF record in their DNS saying that smtp.nastyspammer.com is authorised to send mail for nastyspammer.com. The recipient mail servers won't reject the mail based on an SPF lookup, because everything's legit.
So now what? Well, you can blacklist the nastyspammer.com domain. But then the spammers just register another domain. And another. And another.
SPF is only a piece of the puzzle. The rest of it hasn't been filled in yet.
Oh right, I'm in the minority, so the closed-source software gods see no reason to support me. Wait... what's that? If we had a quality accelerated open source driver for nvidia chipsets, it would be quickly ported to my architecture by a team of volunteers? Well, wouldn't that be amazing. Too bad about that, though.
Sorry, but I write my own software when I have a need for something that doesn't exist. I'm sure as hell not getting down on my knees to thank some faceless corporation who only cares about me insofar as it can make money off me. Not that I fault them for that, but I value my own principles too much. Your principles differ: I get that. But please recognise that people feel differently than you do about all this, and our viewpoint is just as valid.
The ironic thing here is that you are advocating Windows, which has ridiculously-restrictive policies on redistribution and modification (ever actually read the EULA?). Linux, in comparison, is the epitome of permissivity.
That's preposterous. You're assuming that the only type of error that will ever occur in a kernel driver is a catastrophic one. What if the driver just doesn't behave as it should?
So say we have this nuclear reactor, and its control system uses a microkernel architecture. Let's say the hardware has these sensors for detecting if the reactor is overheating. Let's say the driver for these sensors is running in userspace (i.e., not inside the microkernel). Let's also say that the microkernel itself was proved to be correct, but the user-space portions (including this sensor driver) were not.
So what happens when a certain input causes the sensor driver to report incorrect temperature values? Oh, right, you didn't prove the sensor driver's correctness, because for some reason it doesn't matter anymore. I'm sure the people living by the nuclear reactor won't mind the radiation. They'll think it's great that the failure wasn't because the control system crashed, and it's OK that the programmers didn't bother to verify that the system actually worked properly.