Thank you, debian, for apt. Here's how I keep up to date with patches:
apt-get update && apt-get -u upgrade
Apt is such a great idea. It's a better idea than RHN or whatever it is that mandrake is doing. Why? Because there are a ton of debian developers, each of them only having to watch a relatively small number of packages And when they keep up with patches, I do too, for almost no work.
This is the beauty of apt - it distributes patch management among a lot of people so that the load of any of them is relatively small. But then it allows all of us to leverage that work. It's distributed AND centralized all in one.
I'm not trying to start an distro war here. I'm just *SOOO* thankful for apt and debian. I'm trying to express gratitude. If it came out as flamebait, it was not intended.
Please cite examples where competent Windows administrators who kept up with Windows patches were stymied by a Windows problem that kept mission-critical systems down.
How about where a patch that needed to be installed to fix one particular bug, took away the functionality that was necessisary in another part of the application? I've had several clients who were stuck on a particular version of NT (bug infested and a security nightmare) because they could not get the security patches installed w/out the patches breaking their application.
In these cases, it didn't matter whether the admins were competant or not. Microsoft forced them to either:
No you missed my point. I was not trying to say that someone is unpure independant of their deeds. Your deeds and thoughts do make you unpure. However, the heart of that impurity is an unspoken belief. The belief that we can do things on our own, apart from God. The belief that we can be self sufficient. This is essentially the act of making yourself into your own god.
IMHO, the belief that we can be self sufficient just does not jibe with reality. I don't regulate the beat of my own heart, or the release of hormones into my own blood stream. Much less do I control the amount of oxygen in the atmosphere, or the sun that provides almost all of the energy that fuels all of the life on our planet. Simply put, I can't possibly be self sufficient and live.
And setting ourselves up as our own god is something, so far as I've encoutered, that we are all guilty of. We all seem to believe that we are capable of depending on no one but ourselves. It is this unbelievable worship of ourselves that allows us to justify murdering someone who is getting in the way of our plans. It is the thing that causes us to think that it's ok for us to exert power through rape. It's the thing that justifies lieing, and cheating, and stealing. We think we're owed something by virtue of who we are.
If we stop and recognize that we're not all that, and that we simply are NOT self sufficient and that we absolutely and completely depend on something outside ourselves, then it becomes very difficult to murder, rape, cheat, steal, etc.
As far as all those people before Christ being in hell, all I can say is that it is not for me to judge anyone. CS Lewis describes this very problem in "Mere Christianity". He suggests that the deal is this: acknowledge that you're screwed up, and accept God's plan for your life. For you and me today, that means accepting the realities of Christ's life. For someone who was born before Christ, it may have meant something different. But the whole deal comes down to recognizing that you are not god and that you depend completely on something outside of yourself.
This process, by the way, is called "repenting". That word tends to generate a lot of negative reactions, but it simply means acknowledging yourself as screwed up, and relying on God's plan for your life. The problem is this: I can't ever know whether or not you (or anyone) has repented. I can't ever know if anyone has really done the job of acknowledging their own screwed up selves and accepted God's plan instead. The reason is that it may be much harder for one person, due to his genetics, upbringing, etc, to show one single other person an act of kindness than it is for me to give away all of my money to the poor. Only God knows whether or not anyone has repented, so only God can judge the value of anyone's actions.
God judges justly whether or not those who came before Christ have repented. Just has he judges justly whether or not those who came after have repented. The good news for you is that you don't have to worry about anyone other than yourself and your relationship with God. It's not until you have made yourself right with God that it matters if someone else has.
But, of course, you're completely free to totally reject this if you like. And you're free to consign this to nonsense. My hope is that you might at least be somewhat interested in understanding the Christian point of view, whether or not you decide to agree with it.
Yet I'm pragmatically moral, considerably moreso than many of those that do "believe and trust" in him. Yet, according to this doctrine, I'm going to hell.
Being pragmatically moral is not the issue. The issue is how God who is pure can possibly interract with someone who is not pure. When you mix pure water with pure water, the result is still pure water. But when you mix contaminated water, no matter how small, with pure water, the result is contaminated water.
So the question is this: are you pure? It doesn't matter if you're a little or a lot contaminated. When you mix with the pure, the result is contamination. And above all things God will not allow himself to be contaminated. He will remain pure.
And the heart of your contamination, in this case, is not whether you lied to your parents, or participated in pre-marital sex (although those are not insignificant). The heart of your contamination is that you reject God, which allows you to... (list violations of 10 commandments here).
Your eternal death is not as a consequence of God's sending you to hell. It's as a consequence of God accepting your decision to reject Him. It's up to you. You're allowed to choose, and God will not interfere with that choice. That may look to you like God is standing at a distance. It's more that he's not interested in forcing your hand.
Rejecting God is entirely your choice. The consequence of rejecting God is that existance w/out God is horrible. It's awful. It's the worst possible thing that can be imagined. You've never experienced it because the world is filled, from head to toe, with God. The classic image of hell is only a description of what the consequence of that rejecting God is like. For another description try reading "The Great Divorce" by CS Lewis.
Ok... well prove that OJ killed Nicole. It's certainly not anything that anyone other than Ron & Nicole saw, but the vast majority of people simply believe it to be true. Or maybe you don't. Fine, then prove that you looked at your clock this morning at whatever time you looked at your clock.
The reality is that somethings are true, but can't be proven. (This was formalized, for mathmatics, by Goedel.) Proving an experience can be *very* difficult to do.
I do believe in God. I believe that Jesus is the person of God written into the history of the universe. And I believe that God did this as the ultimate proof that good will win over evil. I believe these things because I've had certain experiences that make it difficult, if not impossible, for me to compose a credible rejection. Can I prove it? No, but so what? I can't prove to you that my 20 month old son woke up at 6:17 am this morning, either. But I'm completely certain that both are true.
The ruling you mentioned was to uphold the right of citizens to encryption (being that privately held belief and thus encrypted data are a subclass of Free Speech).
What? No it wasn't. The ruling was about a scientist who wanted to electronically publish source code so that it could be discussed with his peers! This wasn't about that scientist's right to use encryption. It was about his right to post source code. And the ruling specifically mentioned that "source code represent[s] communication between computer programmers".
I don't know what ruling you were talking about but I see no part of it that looks like the way that you describe it.
I recall that a (fairly) recent ruling w.r.t. the publishing of source code to implement strong encryption was deemed as speech. This was the case where a professor wanted to publish source code for encryption but was barred from doing so on the premise that doing so violated federal regulations regarding the export of a munition. The ruling determined that source code was speech and therefore was protected by the first admendment.
If Linus (et al) are publishing source code, isn't this code protected by the first amendment no matter what patent law says? I mean, by sending out the source code, aren't they simply giving a description of *how* a patented thing works, not an implementation of that thing actually working? And since the patent requires that the patented thing be fully described, isn't source code simply a different way of saying something that is already public knowledge?
Couldn't a developer who is being sued for patent infringement simply say, "I'm just exercising first amendments rights.. and besides I'm not saying anything more than you've already said in your patent filing. I'm just saying it in a different language than you."
We're talking about "affirmative action" for software.
The reason that affirmative action is usually considered bad is because it enforces a choice, not on the merits, but on external factors between otherwise equal candidates. Ironically, this is exactly what it was put in place to help prevent. Most people who are opposed to afirmative action consider it to be unnecessary now. Calling the Digital Software Security Act afirmative action, is saying that you're going to enforce a choice based on an external factor between otherwise equal candidates, and enforcing that choice is simply not necessary.
But the *ENTIRE* point of the DSSA is that it isn't a choice between equals. Proprietary software, should have no place in managing data that is owned by the people. And access to that data should not require that we become beholden to a specific vendor in perpetuity. It's basically saying that the playing field must be level.
Perhaps, there will come a time, when DSSA is not actually necessary and the market for computer software is sufficiently competitive enough that no one vendor would dare to try and misuse protocols for market share. But we're not there yet, and right now, IMHO, we need something to get us there.
While I agree with you on how hostile EULAs are to users, and while I wish to have no part in them, I think the reason that they've never been challenged in court is that the recourse is simply too easy: don't use the software. While this recourse was not very realistic a few years ago, there are many more choices today and that's a good thing.
I see this event in the same way that I see licensing 6.0. MS is writing the script to their own demise. Do we really think that the general public is this stupid? How many more times does this have to happen before folks refuse to put down money for this stuff. I don't think many, but I'm already converted, so perhaps I'm overly optimistic.
The attacker still has to get on the network between you and the website and essentially transparent-proxy your connection through a rogue ssl proxy to make this all work.
I don't think so. All the attacker has to do is mimic the looks of the site enough to be convincing. At which point getting you to go to the wrong site is realtively easy. DNS is UDP based. So if I want to convince all users at my ISP that www.amazon.com is at my IP address, I simply generate a DNS request for www.amazon.com to my ISP's DNS server, immediately followed by a reply that appears to come from one of amazon's DNS servers. I can even set the TTL to something fairly large. I've now effectively poisoned the DNS cache of my ISP's DNS server, so that when anyone from my ISP wants to go to www.amazon.com, they go to my machine instead.
Getting in the middle isn't really that hard. It used to be that getting in there w/out triggering the SSL verification was hard, but now it's not.
Re:If linux is really not pro-terrorist, why the G
on
Linux 2.4.19 Released
·
· Score: 4, Informative
First you say
Because the GPL is so frequently misunderstood...
And then later...
As noted above, the use of GPL code with code licensed from another party could, under certain circumstances, arguably obligate you to sublicense the other party's code under the GPL.
Wow! Excellent example of misunderstanding the GPL! There are *NO RESTRICTIONS* on the use of GPL'd code. Don't believe me? Check the GPL:
Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does.
What this means is that the *only* thing the GPL applies to is redistribution of code. If you simply use the code, you're free to do with it whatever you want (except redistribute it). So I'd recommend that you take your own advice and read the GPL before you start spouting off about what it's implications are.
2) Go out and buy a PC for 300-400 then buy the video capture card, a video card with a TV out, an IR receiver, and software. Then hook it up to your home theater system and always have this odd looking box sitting next to the rest of your equipment.
No. I'm not going to go out and buy a PC + TVcard. I have the PC, and TV cards are incredibly cheap. What I want is the software to effectively turn my existing PC into a DVR. Personally, spending $50 on a tv cap card is a lot more attractive than spending $400 on a Tivo + $200 for lifetime subscription, or $600 on a ReplayTV.
IANAL, but I think this is already covered by the GPL. Specifically:
Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does.
So a click through GPL is silly for end users. Use of the program is not restricted by the GPL so there's nothing for the user to agree to. It would seem sensible, if you're going to impose restrictions on someone, that you be required to tell them about the restrictions before they are required to abide by them. But in the case of using the software, there are no restrictions. So what is there to tell... except maybe to be nice and inform the user that they have a right to the source code to the program that they're using.
It's only when someone goes and gets the source code, with the intention of redistributing, where the GPL starts to come into play. Becuase, in that case, there are some restrictions that are being placed on the end user if they want to distribute the code. Of course, there should be no reason to require the end user to click to agree to them. The default copyright stance is that you have no rights to copy unless given permission to:
You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it.
So the question now becomes, when someone downloads the source code, does the source code have to come in a way that presents the GPL to the user prior to granting them access to the source code? And I think the answer is no. Because the default stance of copyright law is that you're *NOT* allowed to copy it unless given permission So if you didn't click through the license, then copyright law does not allow you to distribute it. Oh wait, look here's the GPL which governs the terms under which you can distribute it. In other words, in order to be allowed to distribute, you *MUST READ AND UNDERSTAND THE LICENSE*, because, by default, you don't have any right to distribute.
My personal opinion is that I'd like to not encourage click through licences. I'd rather see copyright licensing become less restrictive rather than more. I'd like to see things like the GPL less necessary, because ideas flow freely by their very nature, and are not artificially restricted by legal constructions.
Allowing open source licenses that require click through is basically saying that we should make the exchange of ideas more restrained by artificial legal contructions. It seems to me that the point of opensource is to promote the benefits of the free flow of ideas. And allowing licenses to require click through is well, not really the point.
But I'm sure that there's some fundamental flaw in my logic here. I leave it to you to point it out to me.
I'm not a historian, but I think you might be missing the point. I don't think the analogy that Mr H made was meant to suggest that the south could not possibly have won the war. I think that it was meant to suggest that claiming that the south won the civil war, is as far off as claiming that the USPS could have owned email. But that's just my read of it.
... the south lost the civil war, right? Hey, I said I wasn't a historian!
There's no need to mess with economic theory to explain Open Source.
No one is "messing with" economic theory. Benkler isn't saying that traditional economic theories are wrong. Just that they're not sufficient to explain a newly witnessed phenomenon: Open Source/Free Software.
I provide free software because I have no reason not to. I don't provide it for the hopes of some future consulting dollars. I don't provide it because I wish to maintain control of my work. I use the GPL because I don't want someone to take work that I've already done and make me pay for it in some slightly different form.
For Microsoft and Sun and..., they only reason they produce software is to sell it. They're not actually concerned about using it to solve a problem that they are experiencing. They're not scratching their own itches. They're guessing at the itch that someone else has and trying to produce a backscratcher that will reach. But for me finished software is simply a scratched itch. I do NOT look at it as an oppurtunity to sell a backscratcher to others with the same itch. If they want it, fine. I've already solved my problem.
But if you want to get some idea of what I really want by releasing my software, it's this. I want access to the backscratchers that others have produced. But not only that with the ability to easily modify their backscratcher to reach my specific itch. This economy is not measured in dollars. It's measured in software, and that, I think is the point of Benkler's article. If you try to measure open source/free software using the traditional mechanisms, you're going to have to start looking for the money. For the *vast* majority of people who produce open source/free software, their just isn't any money involved. (IBM, Red Hat notwithstanding. They provide lots of opensource/free software, but not anywhere near the majority.)
So Benkler is just saying that there are other "enlightened self interest" factors that are involved. Not just money. Since all of the traditional economic production models have centered around money, they're not sufficient.
If you've got something that's working for you with sufficient effectiveness, then by all means don't change anything. I personally use RBL's in my postfix MTA, as well as using spamassissin. But those techniques alone were porous. They'd let through sufficient amounts of spam to bother me. That's when I incorporated TMDA in addition to RBL's and spamassassin.
Now I get zero, zip, zilch spam in my mailbox. Additionally, I get some pretty neat other stuff that I can use for outgoing mail that RBL's, etc, don't provide. I really like "dated", "sender" and "keyword" addresses. RBL's and spamassassin don't do anything like that.
But like I said, if what you've got is working, there's no reason to use TMDA.
That's true. But I use TMDA in conjunction with other (less effective) techniques. So I've got RBL 's configured into my postfix mailer. I've also got spamassassin tagging messages that get through the RBL's. TMDA is simply the last ditch effort, that (so far) has been 100% effective at stopping everything that's gotten through the other exceptionally porous filtering mechanisms.
Using TMDA does not mean ceasing use of other techniques. TMDA is just the last thing to guard my mailbox when the other things fail.
Well, if you use it like I use it, then generally speaking it's not a problem. If you post to USENET with any regularity then you probably want to use "dated" addresses. These are email addresses that will expire after a certain amount of time. You can then tell TMDA what you want to do with an email to a dated address that's expired. I bounce these types of emails. So if you're a spammer, and you've harvested an email address off of USENET that I sent greater than 5 days ago, you are not going to get into my mailbox, nor my pending queue.
And the bounce that I send to you, if it fails, will simply get automatically deleted. That's because I send all bounce messages as being from "mark-devnull@hornclan.com". If I get a message back to that address, I know that it came from my attempt to reply to a spammer, so TMDA just delete it for me.
OTOH, if you're trying to prevent spam from getting to your machine at all, well, that's a much more difficult problem. I use several techniques, in conjunction with TMDA, that prevent spam from getting to my machine. But their effectiveness is terrible. TMDA is the last stop. The one that (so far) has 100% effectiveness, that stops all the stuff that the other techniques don't. That's why I use it.
Everyone loves pointing out that anyone can get their hands on the tools necessary to modify open-source software, but they tend to conveniently ignore the fact that not everyone has the programming skills necessary to do so.
So what? If your business depends on a feature in the 2.0 series kernel, then it doesn't matter if you have the requisite kernel programming skills. You can buy those. I don't work for redhat, but I'll bet $.50 that they'd take on that support contract. If not them, maybe IBM. If not them, how about contracting with the guy who's doing it right now?
The fact that it's open source means that anyone who's willing to do the work of maintaining the code can. And if you're depending on it, you will always have options.
Depending on which MTA you're using, you can do this with address extensions too. Sendmail uses + as it's address extension, and postfix/qmail use - for address extensions. So for my email, for example, mark-foobar@hornclan.com will get delivered to the same mailbox as mark@hornclan.com. The MTA simply ingores everything after and including the extension delimiter.
TMDA takes advantage of this sort of thing. So it does what you're talking about, but it also adds a cryptographic hash onto the extension to verify that you infact were the person who generated the extension. So my equivalant of what you're doing would be:
The generation of the hash depends on a secret 140bit key that only I know. Thus I can create these things whenever I want and use them without modification to my mailsetup and be confident that no one else can generate these things that will get into my mailbox.
Other types of addresses that tmda generates:
Dated addresses - addresses that will work for a certain amount of time, and then expire. Great to use when posting to USENET, and as the default for all outgoing email.
Sender addresses - addresses that will work if used by a particular sender. Great for subscribing to mailing lists with.
Anyway, I'm pretty pleased with TMDA, although, as I say in another post, it can impact one's ego.
Yeah, since I started using TMDA, I've had a mild case of depression. Besides mailing lists, I never really get any email. I used to be able to delude myself into thinking people liked me because I got so much email -- but it was mostly spam. So, apparently, I'm not that popular!
So be careful if you choose to use TMDA. It might impact your ego.
Certainly some other kernel can do things like mount the filesystem. But I think that would be tricky to accomplish remotely using SELinux. Like I said, I don't know much about SELinux, but I'm pretty sure that root is *not* god in that environment. But reading the actual docs on SELinux would probably confirm or deny this.
The killer right now is letting them use Mozilla and Evolution through X from a server located outside the firewall: very secure and virusless (and cheap!)
You might want to be careful with this box that is outside the firewall. If someone can get into it, they can launch applications like xkey This will enable someone to do keyboard monitoring of anyone who's running an X application. Combine that with "netstat -anA inet | grep ESTAB" and you can easily determine some good IP addresses to target. What I'd be concerned about is someone sniffing my keystrokes in my mozilla sessions, getting by all the wonderful SSL encryption!
One way to combat this would be to use X forwarding through ssh as the X11 transport. That way you have to have access to the user's ~/.Xauthority file, which is typically set readonly for that particular user. Which means any local root exploits would grant someone access to all of your customer's keystrokes.
Something else you might want to look into is NSA's SELinux. I don't know much about it, but it seems like you could take advantage of the higher granularity of access controls to limit someone (other than the rightful user) getting access to ~/.Xauthority. Even root wouldn't be able to get access.
Anyway, that's a very cool idea you have. Just be careful.
Slashdot Mirror
Thank you, debian, for apt. Here's how I keep up to date with patches:
Apt is such a great idea. It's a better idea than RHN or whatever it is that mandrake is doing. Why? Because there are a ton of debian developers, each of them only having to watch a relatively small number of packages And when they keep up with patches, I do too, for almost no work.
This is the beauty of apt - it distributes patch management among a lot of people so that the load of any of them is relatively small. But then it allows all of us to leverage that work. It's distributed AND centralized all in one.
I'm not trying to start an distro war here. I'm just *SOOO* thankful for apt and debian. I'm trying to express gratitude. If it came out as flamebait, it was not intended.
How about where a patch that needed to be installed to fix one particular bug, took away the functionality that was necessisary in another part of the application? I've had several clients who were stuck on a particular version of NT (bug infested and a security nightmare) because they could not get the security patches installed w/out the patches breaking their application.
In these cases, it didn't matter whether the admins were competant or not. Microsoft forced them to either:
No you missed my point. I was not trying to say that someone is unpure independant of their deeds. Your deeds and thoughts do make you unpure. However, the heart of that impurity is an unspoken belief. The belief that we can do things on our own, apart from God. The belief that we can be self sufficient. This is essentially the act of making yourself into your own god.
IMHO, the belief that we can be self sufficient just does not jibe with reality. I don't regulate the beat of my own heart, or the release of hormones into my own blood stream. Much less do I control the amount of oxygen in the atmosphere, or the sun that provides almost all of the energy that fuels all of the life on our planet. Simply put, I can't possibly be self sufficient and live.
And setting ourselves up as our own god is something, so far as I've encoutered, that we are all guilty of. We all seem to believe that we are capable of depending on no one but ourselves. It is this unbelievable worship of ourselves that allows us to justify murdering someone who is getting in the way of our plans. It is the thing that causes us to think that it's ok for us to exert power through rape. It's the thing that justifies lieing, and cheating, and stealing. We think we're owed something by virtue of who we are.
If we stop and recognize that we're not all that, and that we simply are NOT self sufficient and that we absolutely and completely depend on something outside ourselves, then it becomes very difficult to murder, rape, cheat, steal, etc.
As far as all those people before Christ being in hell, all I can say is that it is not for me to judge anyone. CS Lewis describes this very problem in "Mere Christianity". He suggests that the deal is this: acknowledge that you're screwed up, and accept God's plan for your life. For you and me today, that means accepting the realities of Christ's life. For someone who was born before Christ, it may have meant something different. But the whole deal comes down to recognizing that you are not god and that you depend completely on something outside of yourself.
This process, by the way, is called "repenting". That word tends to generate a lot of negative reactions, but it simply means acknowledging yourself as screwed up, and relying on God's plan for your life. The problem is this: I can't ever know whether or not you (or anyone) has repented. I can't ever know if anyone has really done the job of acknowledging their own screwed up selves and accepted God's plan instead. The reason is that it may be much harder for one person, due to his genetics, upbringing, etc, to show one single other person an act of kindness than it is for me to give away all of my money to the poor. Only God knows whether or not anyone has repented, so only God can judge the value of anyone's actions.
God judges justly whether or not those who came before Christ have repented. Just has he judges justly whether or not those who came after have repented. The good news for you is that you don't have to worry about anyone other than yourself and your relationship with God. It's not until you have made yourself right with God that it matters if someone else has.
But, of course, you're completely free to totally reject this if you like. And you're free to consign this to nonsense. My hope is that you might at least be somewhat interested in understanding the Christian point of view, whether or not you decide to agree with it.
Being pragmatically moral is not the issue. The issue is how God who is pure can possibly interract with someone who is not pure. When you mix pure water with pure water, the result is still pure water. But when you mix contaminated water, no matter how small, with pure water, the result is contaminated water.
So the question is this: are you pure? It doesn't matter if you're a little or a lot contaminated. When you mix with the pure, the result is contamination. And above all things God will not allow himself to be contaminated. He will remain pure.
And the heart of your contamination, in this case, is not whether you lied to your parents, or participated in pre-marital sex (although those are not insignificant). The heart of your contamination is that you reject God, which allows you to ... (list violations of 10 commandments here).
Your eternal death is not as a consequence of God's sending you to hell. It's as a consequence of God accepting your decision to reject Him. It's up to you. You're allowed to choose, and God will not interfere with that choice. That may look to you like God is standing at a distance. It's more that he's not interested in forcing your hand.
Rejecting God is entirely your choice. The consequence of rejecting God is that existance w/out God is horrible. It's awful. It's the worst possible thing that can be imagined. You've never experienced it because the world is filled, from head to toe, with God. The classic image of hell is only a description of what the consequence of that rejecting God is like. For another description try reading "The Great Divorce" by CS Lewis.
Ok... well prove that OJ killed Nicole. It's certainly not anything that anyone other than Ron & Nicole saw, but the vast majority of people simply believe it to be true. Or maybe you don't. Fine, then prove that you looked at your clock this morning at whatever time you looked at your clock.
The reality is that somethings are true, but can't be proven. (This was formalized, for mathmatics, by Goedel.) Proving an experience can be *very* difficult to do.
I do believe in God. I believe that Jesus is the person of God written into the history of the universe. And I believe that God did this as the ultimate proof that good will win over evil. I believe these things because I've had certain experiences that make it difficult, if not impossible, for me to compose a credible rejection. Can I prove it? No, but so what? I can't prove to you that my 20 month old son woke up at 6:17 am this morning, either. But I'm completely certain that both are true.
What? No it wasn't. The ruling was about a scientist who wanted to electronically publish source code so that it could be discussed with his peers! This wasn't about that scientist's right to use encryption. It was about his right to post source code. And the ruling specifically mentioned that "source code represent[s] communication between computer programmers".
I don't know what ruling you were talking about but I see no part of it that looks like the way that you describe it.
If Linus (et al) are publishing source code, isn't this code protected by the first amendment no matter what patent law says? I mean, by sending out the source code, aren't they simply giving a description of *how* a patented thing works, not an implementation of that thing actually working? And since the patent requires that the patented thing be fully described, isn't source code simply a different way of saying something that is already public knowledge?
Couldn't a developer who is being sued for patent infringement simply say, "I'm just exercising first amendments rights.. and besides I'm not saying anything more than you've already said in your patent filing. I'm just saying it in a different language than you."
?
The reason that affirmative action is usually considered bad is because it enforces a choice, not on the merits, but on external factors between otherwise equal candidates. Ironically, this is exactly what it was put in place to help prevent. Most people who are opposed to afirmative action consider it to be unnecessary now. Calling the Digital Software Security Act afirmative action, is saying that you're going to enforce a choice based on an external factor between otherwise equal candidates, and enforcing that choice is simply not necessary.
But the *ENTIRE* point of the DSSA is that it isn't a choice between equals. Proprietary software, should have no place in managing data that is owned by the people. And access to that data should not require that we become beholden to a specific vendor in perpetuity. It's basically saying that the playing field must be level.
Perhaps, there will come a time, when DSSA is not actually necessary and the market for computer software is sufficiently competitive enough that no one vendor would dare to try and misuse protocols for market share. But we're not there yet, and right now, IMHO, we need something to get us there.
I see this event in the same way that I see licensing 6.0. MS is writing the script to their own demise. Do we really think that the general public is this stupid? How many more times does this have to happen before folks refuse to put down money for this stuff. I don't think many, but I'm already converted, so perhaps I'm overly optimistic.
I don't think so. All the attacker has to do is mimic the looks of the site enough to be convincing. At which point getting you to go to the wrong site is realtively easy. DNS is UDP based. So if I want to convince all users at my ISP that www.amazon.com is at my IP address, I simply generate a DNS request for www.amazon.com to my ISP's DNS server, immediately followed by a reply that appears to come from one of amazon's DNS servers. I can even set the TTL to something fairly large. I've now effectively poisoned the DNS cache of my ISP's DNS server, so that when anyone from my ISP wants to go to www.amazon.com, they go to my machine instead.
Getting in the middle isn't really that hard. It used to be that getting in there w/out triggering the SSL verification was hard, but now it's not.
And then later...
Wow! Excellent example of misunderstanding the GPL! There are *NO RESTRICTIONS* on the use of GPL'd code. Don't believe me? Check the GPL:
What this means is that the *only* thing the GPL applies to is redistribution of code. If you simply use the code, you're free to do with it whatever you want (except redistribute it). So I'd recommend that you take your own advice and read the GPL before you start spouting off about what it's implications are.
No. I'm not going to go out and buy a PC + TVcard. I have the PC, and TV cards are incredibly cheap. What I want is the software to effectively turn my existing PC into a DVR. Personally, spending $50 on a tv cap card is a lot more attractive than spending $400 on a Tivo + $200 for lifetime subscription, or $600 on a ReplayTV.
So a click through GPL is silly for end users. Use of the program is not restricted by the GPL so there's nothing for the user to agree to. It would seem sensible, if you're going to impose restrictions on someone, that you be required to tell them about the restrictions before they are required to abide by them. But in the case of using the software, there are no restrictions. So what is there to tell... except maybe to be nice and inform the user that they have a right to the source code to the program that they're using.
It's only when someone goes and gets the source code, with the intention of redistributing, where the GPL starts to come into play. Becuase, in that case, there are some restrictions that are being placed on the end user if they want to distribute the code. Of course, there should be no reason to require the end user to click to agree to them. The default copyright stance is that you have no rights to copy unless given permission to:
So the question now becomes, when someone downloads the source code, does the source code have to come in a way that presents the GPL to the user prior to granting them access to the source code? And I think the answer is no. Because the default stance of copyright law is that you're *NOT* allowed to copy it unless given permission So if you didn't click through the license, then copyright law does not allow you to distribute it. Oh wait, look here's the GPL which governs the terms under which you can distribute it. In other words, in order to be allowed to distribute, you *MUST READ AND UNDERSTAND THE LICENSE*, because, by default, you don't have any right to distribute.
My personal opinion is that I'd like to not encourage click through licences. I'd rather see copyright licensing become less restrictive rather than more. I'd like to see things like the GPL less necessary, because ideas flow freely by their very nature, and are not artificially restricted by legal constructions.
Allowing open source licenses that require click through is basically saying that we should make the exchange of ideas more restrained by artificial legal contructions. It seems to me that the point of opensource is to promote the benefits of the free flow of ideas. And allowing licenses to require click through is well, not really the point.
But I'm sure that there's some fundamental flaw in my logic here. I leave it to you to point it out to me.
$.02
No one is "messing with" economic theory. Benkler isn't saying that traditional economic theories are wrong. Just that they're not sufficient to explain a newly witnessed phenomenon: Open Source/Free Software.
I provide free software because I have no reason not to. I don't provide it for the hopes of some future consulting dollars. I don't provide it because I wish to maintain control of my work. I use the GPL because I don't want someone to take work that I've already done and make me pay for it in some slightly different form.
For Microsoft and Sun and ..., they only reason they produce software is to sell it. They're not actually concerned about using it to solve a problem that they are experiencing. They're not scratching their own itches. They're guessing at the itch that someone else has and trying to produce a backscratcher that will reach. But for me finished software is simply a scratched itch. I do NOT look at it as an oppurtunity to sell a backscratcher to others with the same itch. If they want it, fine. I've already solved my problem.
But if you want to get some idea of what I really want by releasing my software, it's this. I want access to the backscratchers that others have produced. But not only that with the ability to easily modify their backscratcher to reach my specific itch. This economy is not measured in dollars. It's measured in software, and that, I think is the point of Benkler's article. If you try to measure open source/free software using the traditional mechanisms, you're going to have to start looking for the money. For the *vast* majority of people who produce open source/free software, their just isn't any money involved. (IBM, Red Hat notwithstanding. They provide lots of opensource/free software, but not anywhere near the majority.)
So Benkler is just saying that there are other "enlightened self interest" factors that are involved. Not just money. Since all of the traditional economic production models have centered around money, they're not sufficient.
This is good advice, but it's not the only option.
I put my email address on the web all the time. Here it is:
mark@hornclan.com
I post to USENET.
I don't get spam.
If you've got something that's working for you with sufficient effectiveness, then by all means don't change anything. I personally use RBL's in my postfix MTA, as well as using spamassissin. But those techniques alone were porous. They'd let through sufficient amounts of spam to bother me. That's when I incorporated TMDA in addition to RBL's and spamassassin.
Now I get zero, zip, zilch spam in my mailbox. Additionally, I get some pretty neat other stuff that I can use for outgoing mail that RBL's, etc, don't provide. I really like "dated", "sender" and "keyword" addresses. RBL's and spamassassin don't do anything like that.
But like I said, if what you've got is working, there's no reason to use TMDA.
Yes, but see this FAQ entry.
That's true. But I use TMDA in conjunction with other (less effective) techniques. So I've got RBL 's configured into my postfix mailer. I've also got spamassassin tagging messages that get through the RBL's. TMDA is simply the last ditch effort, that (so far) has been 100% effective at stopping everything that's gotten through the other exceptionally porous filtering mechanisms.
Using TMDA does not mean ceasing use of other techniques. TMDA is just the last thing to guard my mailbox when the other things fail.
Well, if you use it like I use it, then generally speaking it's not a problem. If you post to USENET with any regularity then you probably want to use "dated" addresses. These are email addresses that will expire after a certain amount of time. You can then tell TMDA what you want to do with an email to a dated address that's expired. I bounce these types of emails. So if you're a spammer, and you've harvested an email address off of USENET that I sent greater than 5 days ago, you are not going to get into my mailbox, nor my pending queue.
And the bounce that I send to you, if it fails, will simply get automatically deleted. That's because I send all bounce messages as being from "mark-devnull@hornclan.com". If I get a message back to that address, I know that it came from my attempt to reply to a spammer, so TMDA just delete it for me.
OTOH, if you're trying to prevent spam from getting to your machine at all, well, that's a much more difficult problem. I use several techniques, in conjunction with TMDA, that prevent spam from getting to my machine. But their effectiveness is terrible. TMDA is the last stop. The one that (so far) has 100% effectiveness, that stops all the stuff that the other techniques don't. That's why I use it.
So what? If your business depends on a feature in the 2.0 series kernel, then it doesn't matter if you have the requisite kernel programming skills. You can buy those. I don't work for redhat, but I'll bet $.50 that they'd take on that support contract. If not them, maybe IBM. If not them, how about contracting with the guy who's doing it right now?
The fact that it's open source means that anyone who's willing to do the work of maintaining the code can. And if you're depending on it, you will always have options.
TMDA takes advantage of this sort of thing. So it does what you're talking about, but it also adds a cryptographic hash onto the extension to verify that you infact were the person who generated the extension. So my equivalant of what you're doing would be:
mark-keyword-slashdot.abc123@hornclan.com
mark-keyword-msn.a1b2c3@hornclan.com
The generation of the hash depends on a secret 140bit key that only I know. Thus I can create these things whenever I want and use them without modification to my mailsetup and be confident that no one else can generate these things that will get into my mailbox.
Other types of addresses that tmda generates:
Anyway, I'm pretty pleased with TMDA, although, as I say in another post, it can impact one's ego.
Yeah, since I started using TMDA, I've had a mild case of depression. Besides mailing lists, I never really get any email. I used to be able to delude myself into thinking people liked me because I got so much email -- but it was mostly spam. So, apparently, I'm not that popular!
So be careful if you choose to use TMDA. It might impact your ego.
Certainly some other kernel can do things like mount the filesystem. But I think that would be tricky to accomplish remotely using SELinux. Like I said, I don't know much about SELinux, but I'm pretty sure that root is *not* god in that environment. But reading the actual docs on SELinux would probably confirm or deny this.
You might want to be careful with this box that is outside the firewall. If someone can get into it, they can launch applications like xkey This will enable someone to do keyboard monitoring of anyone who's running an X application. Combine that with "netstat -anA inet | grep ESTAB" and you can easily determine some good IP addresses to target. What I'd be concerned about is someone sniffing my keystrokes in my mozilla sessions, getting by all the wonderful SSL encryption!
One way to combat this would be to use X forwarding through ssh as the X11 transport. That way you have to have access to the user's ~/.Xauthority file, which is typically set readonly for that particular user. Which means any local root exploits would grant someone access to all of your customer's keystrokes.
Something else you might want to look into is NSA's SELinux. I don't know much about it, but it seems like you could take advantage of the higher granularity of access controls to limit someone (other than the rightful user) getting access to ~/.Xauthority. Even root wouldn't be able to get access.
Anyway, that's a very cool idea you have. Just be careful.