Unless I'm alone here, being able to run X11 apps in cygwin and native win32 apps at the same time is one of the best features of cheap x86 boxen.
I think that spending resources and efforts on the platform, which keeps only about 5% in US (and much less outside), is insane. It would be much better to port Portage to cygwin and thus to introduce many windows users with the best packager in the world.
Consider this: how many users can run how many commercial native OSX applications? Now, how many users can run how many commercial native win32 applications? Porting Portage to Cygwin will give you a corporate market, while porting Portage to OSX will give you just few more geeks.
White list based on From/Return fields is not safe - it's too easy to change From/Return fields. E-signature is the only safe way for identification. Thus the whitelist must be based on fingerprints (read: public keys). That's exactly what I am proposing.
should be another way around: the scenes of sex and vilence should be able for being activated, as add-ons. Otherwise, a muslim will buy a movie and watch all offensive scenes anyway in order to cut them out. So, **AA must sale pre-edited copies, when someone may decide to switch such scenes on.
If you are a plumber, can you require (in the same doc that you publish your email address) that all email must be signed and it must be sent from a "real" preason (who must be ready to answer for a challenge message)?
Then your problem is solved: 90% of spam is from email-address which will never answer. 9% - from who will never sign it with anything traceable. The rest 1% - you can live with that.
Trusted E-signature (and challenge-feedback to get it trusted) - is the only way to go.
Actually, plumber may require even special format and content for the first message from previously unkbown person. Spammers will never filout any special forms as they use bulk lists. So, the problem's solved.
Isn't it easier to exchange pub-keys with your friends and use good-old e-signature methods? What could be simpler? Just read only that email that is signed by a trusted key. All unsigned emailk - delete them! And if you've got email with untrusted-yet key - send (not by you - by your script) the challenge message back - if it's not a robot the person will answer and most likely you want to read it. If it was a bill from your vendor or your bank or it's from a dev mail-list - you still can tune your filtering to catch such repeatable-regular-recognizable "friendly-spamming" messages.
Re:What does the NDA encompass?
on
My Visit to SCO
·
· Score: 1
the NDA obviously restricts people from discussing the NDA.
So, it's a filter. If you read NDA and sign it then you'll get some insider news to discuss, but not NDA itself.
But if you read NDA and don't sign it then you don't get insider news to discuss, however you can still enjoy discussing NDA itself.
Next time he should tak an assistent, who will read without signing NDA. Then they both can discuss with readers both insider news and NDA.
In order to log securely (encrypted) *AND* readable-by-court I am thinking that *ALL* private keys must be stored on the server side, in some sort of "private key server", which should keep all private keys also *encrypted* with the special super key, that must be kept somewhere in very secret place of the organization. Then Jabber server can just log encrypted messages - no one, besides those private key holders can read them anyway. But if the court will issue the warrant then that special super-key can be accessed, as well as all the private keys right after that, and then all messages could be decrypted for reading.
Alternatively, the messages could be encrypted with two keys (one of a recepient and the other one of the superuser), but I am not sure if gpg can decrypt such two-keys-ecrypted messages having only one of those key at a time.
The solution is acutally quite simple. If you don't want your work to fall under the GPL, don't base it on GPL software.
Wrong.
If you don't want your work to fall under the GPL, then make sure that your work is a modified GPL code. You still can include any GPL software (with its source code) into your package, and keep the resulting package under any license. But if you modify any GPL code then make sure that the modified piece stays under GPL.
The GPL license COULD potential open a business up for a lawsuit
... and...
The safest, and most appropriate license for government-funded and government-created software is the BSD license.
Did I miss anything on the middle? If we talk about business then let's talk about business (not about goverment). Than I would agree that BSD and GPL has own problems. BSD doesn't protect against competitors who can rip your contribution off without paying you back any recognition. GPL lets your competitors to seed the FUD against your products (which is not true, but it breakes the reputation anyway).
But if we talk about goverment, then let's talk about goverment (not about business). Then, all thus FUD about GPL (that "you cannot modify and sell it", which is not true - look at RedHat) doesn't seem to be applied here - who cares can you sell it or not (well I repeat - you can sell it). Or, ignoring all that FUD, who cares that you have to deploy (sell or publish) *WITH* source code - it's already paid by taxpayers, right?
I agree with RMS in a part that GPL is more about speech-freedom than a product-price. I think from speech-freedom prospective, GPL is much more appropiate for goverments. Unless a goverment is a part of dictatorship.
The major question I keep asking about Jabber's server-side logging is: if the server logs all messages and they are encrypted with some keys, then where are those keys to decrypt them? What's the guarantee that they logged on the server secure enough? And what's the chance that the court will still have the access to those keys in order to decrypt the messages?
Either Jabber Studio is broken, or msglog is very pre-alpha, or both, but I cannot find any documents describing any features of msglog.
The question is: if it logs end-to-end encrypted messages, does it log them along with keys used to encrypt them? And if not then what's the point to log messages if the court won't be able to read them?
The question is: if you log encrypted Jaber message, is it possible to decrypt it later, having proper keys? In other words, are those keys (used to encrypt) rapairable later?
I guess, if you logg all encrypted mesages, you have to log the keys used to encrypt them. But if you log the key on the same server than for the server the message is not encrypted anymore.
As for today all international decisions must be approved by one or another US goverment organization. Otherwise US Goverment reserves the right to fix the problem by all means.
Most of people living in the most populated states (such as California, Florida, Texas and New York) did not finish their ESL classes yet. But no matter, if you glad or not - they live in the same country as you. Respect them, they might be unique (different than you in some aspects), but that doesn't make you better than them. I advise you to go back to your school and learn good manners. For example, if you criticize someone - do it with your open face, not as anonymous coward.
One more time: SMTP as a protocol is not for anonymous communications. If you need such - use web-based forms. I don't want you to give up your rights for anonymous communications. Just use a correct protocol (HTTP) for that.
As for accessing an airplane without ID... ask how many people liked it BEFORE 9/11, opinions after do NOT count since they are the direct result of fear from terrorism.
After 9/11 many american just woke up. Look at Russia: they have never doubts that airplane access must be with proper ID. When you have Chechnya on your territory you know the real meaning of safity. When we, russian programmers, came to US, we've been shocked watching as the whole country is absolutely unprotected from inside attacks. And in many aspects it's still far from being protected, comparing to other countries living their real life.
What I see on the map is that it can be exported only to Antarctida.
BTW, I think that us's restriction on exporting crypto is very stupid. It doesn't really protect US national security, as there are non-US crypto algorithms (I used one back in Russia, and I heard of similar strong encryption in Western Europe).
BTW-2, I remember PGP was exported anyway being printed on a solid paper and scanned in norway. As Plan-9 today is an open source, someone will print and scan it same way as PGP. Don't you think?
Besides, once it's on FTP, French/British/German/Japanees/Australians will mirror, it. Then South Africans, Brasilians, and Poland. Then Russians, Columbians, Chinees. I doubt that US will control Russian or Chinees ftp servers for the subject of letting North Korean to mirror Plan-9 from them.
It's just one more proof that US goverment is very-really-seriously stupid.
I wonder what are reasons behind such export limitations? Is this OS better than Linux to develop nuclear weapons? I understand, it's distributed, but I doubt there are many computers in NK that you can distribute the OS across them.
I understand usual stupidity outcoming from US goverment - that's already normal. But why ATT is the same stupid?
I don't know about you, but as for me the look-n-feel of P9 UI seems a step backward. It reminds me X11 of early 90's. It might be a step forward for former TTY people (who stuck to late 70's), but I afraid there is no many TTY people left around. People today compare OSX vs GNOME vs KDE vs XP.
it's not a typo. There are top managers (chief officers, VPs) who live on their salary, and there are top managers who live on commisions. Guess which living is better? Now, there are commisions for selling the products and there are commisions for for selling the company (M&A, or just keep seeling good reports to the investors). And guess which commisions are bigger? Basically, the more you have of commisions is the less salary actually you need;)
Slashdot Mirror
I think that spending resources and efforts on the platform, which keeps only about 5% in US (and much less outside), is insane. It would be much better to port Portage to cygwin and thus to introduce many windows users with the best packager in the world.
Consider this: how many users can run how many commercial native OSX applications? Now, how many users can run how many commercial native win32 applications? Porting Portage to Cygwin will give you a corporate market, while porting Portage to OSX will give you just few more geeks.
White list based on From/Return fields is not safe - it's too easy to change From/Return fields. E-signature is the only safe way for identification. Thus the whitelist must be based on fingerprints (read: public keys). That's exactly what I am proposing.
should be another way around: the scenes of sex and vilence should be able for being activated, as add-ons. Otherwise, a muslim will buy a movie and watch all offensive scenes anyway in order to cut them out. So, **AA must sale pre-edited copies, when someone may decide to switch such scenes on.
UK is not MOST.
Then your problem is solved: 90% of spam is from email-address which will never answer. 9% - from who will never sign it with anything traceable. The rest 1% - you can live with that.
Trusted E-signature (and challenge-feedback to get it trusted) - is the only way to go.
Actually, plumber may require even special format and content for the first message from previously unkbown person. Spammers will never filout any special forms as they use bulk lists. So, the problem's solved.
Isn't it easier to exchange pub-keys with your friends and use good-old e-signature methods? What could be simpler? Just read only that email that is signed by a trusted key. All unsigned emailk - delete them! And if you've got email with untrusted-yet key - send (not by you - by your script) the challenge message back - if it's not a robot the person will answer and most likely you want to read it. If it was a bill from your vendor or your bank or it's from a dev mail-list - you still can tune your filtering to catch such repeatable-regular-recognizable "friendly-spamming" messages.
But if you read NDA and don't sign it then you don't get insider news to discuss, however you can still enjoy discussing NDA itself.
Next time he should tak an assistent, who will read without signing NDA. Then they both can discuss with readers both insider news and NDA.
Alternatively, the messages could be encrypted with two keys (one of a recepient and the other one of the superuser), but I am not sure if gpg can decrypt such two-keys-ecrypted messages having only one of those key at a time.
As for LGPL, as far as I know it's not much different then GPL, it's just better suitable for libraries.
How about Smoking Gun? Just an idea, for a case he will wipe that link out.
Wrong.
If you don't want your work to fall under the GPL, then make sure that your work is a modified GPL code. You still can include any GPL software (with its source code) into your package, and keep the resulting package under any license. But if you modify any GPL code then make sure that the modified piece stays under GPL.
How hard to understand that?
The safest, and most appropriate license for government-funded and government-created software is the BSD license.
Did I miss anything on the middle? If we talk about business then let's talk about business (not about goverment). Than I would agree that BSD and GPL has own problems. BSD doesn't protect against competitors who can rip your contribution off without paying you back any recognition. GPL lets your competitors to seed the FUD against your products (which is not true, but it breakes the reputation anyway).
But if we talk about goverment, then let's talk about goverment (not about business). Then, all thus FUD about GPL (that "you cannot modify and sell it", which is not true - look at RedHat) doesn't seem to be applied here - who cares can you sell it or not (well I repeat - you can sell it). Or, ignoring all that FUD, who cares that you have to deploy (sell or publish) *WITH* source code - it's already paid by taxpayers, right?
I agree with RMS in a part that GPL is more about speech-freedom than a product-price. I think from speech-freedom prospective, GPL is much more appropiate for goverments. Unless a goverment is a part of dictatorship.
The major question I keep asking about Jabber's server-side logging is: if the server logs all messages and they are encrypted with some keys, then where are those keys to decrypt them? What's the guarantee that they logged on the server secure enough? And what's the chance that the court will still have the access to those keys in order to decrypt the messages?
The question is: if it logs end-to-end encrypted messages, does it log them along with keys used to encrypt them? And if not then what's the point to log messages if the court won't be able to read them?
I guess, if you logg all encrypted mesages, you have to log the keys used to encrypt them. But if you log the key on the same server than for the server the message is not encrypted anymore.
Or did I miss anything?
... or even more simple: don't use any IM, use just SMTP (in other words - back to email), which works same fast being configured properly.
As for today all international decisions must be approved by one or another US goverment organization. Otherwise US Goverment reserves the right to fix the problem by all means.
Most of people living in the most populated states (such as California, Florida, Texas and New York) did not finish their ESL classes yet. But no matter, if you glad or not - they live in the same country as you. Respect them, they might be unique (different than you in some aspects), but that doesn't make you better than them. I advise you to go back to your school and learn good manners. For example, if you criticize someone - do it with your open face, not as anonymous coward.
As for accessing an airplane without ID... ask how many people liked it BEFORE 9/11, opinions after do NOT count since they are the direct result of fear from terrorism.
After 9/11 many american just woke up. Look at Russia: they have never doubts that airplane access must be with proper ID. When you have Chechnya on your territory you know the real meaning of safity. When we, russian programmers, came to US, we've been shocked watching as the whole country is absolutely unprotected from inside attacks. And in many aspects it's still far from being protected, comparing to other countries living their real life.
BTW, I think that us's restriction on exporting crypto is very stupid. It doesn't really protect US national security, as there are non-US crypto algorithms (I used one back in Russia, and I heard of similar strong encryption in Western Europe).
BTW-2, I remember PGP was exported anyway being printed on a solid paper and scanned in norway. As Plan-9 today is an open source, someone will print and scan it same way as PGP. Don't you think?
Besides, once it's on FTP, French/British/German/Japanees/Australians will mirror, it. Then South Africans, Brasilians, and Poland. Then Russians, Columbians, Chinees. I doubt that US will control Russian or Chinees ftp servers for the subject of letting North Korean to mirror Plan-9 from them.
It's just one more proof that US goverment is very-really-seriously stupid.
I understand usual stupidity outcoming from US goverment - that's already normal. But why ATT is the same stupid?
MkLinux
I don't know about you, but as for me the look-n-feel of P9 UI seems a step backward. It reminds me X11 of early 90's. It might be a step forward for former TTY people (who stuck to late 70's), but I afraid there is no many TTY people left around. People today compare OSX vs GNOME vs KDE vs XP.
it's not a typo. There are top managers (chief officers, VPs) who live on their salary, and there are top managers who live on commisions. Guess which living is better? Now, there are commisions for selling the products and there are commisions for for selling the company (M&A, or just keep seeling good reports to the investors). And guess which commisions are bigger? Basically, the more you have of commisions is the less salary actually you need ;)