In case it's not clear from what Jeff said, Kermit 95 binaries that contain
code that does strong encryption (and Kermit 95, thanks to Jeff, contains
quite a bit of it!) can not be made publicly available on the Internet
because US export law does not allow that it finds its way to certain
countries. It might be possible to build a version of K95 that lacks
encryption and to make it available for public download but without an SSH
client it wouldn't be very useful, and anyway it's not my decision.
The source code for the Kerberos, SSL/TLS, and SRP security in Kermit 95
is already publicly available, and has been since 1997, since it is shared
with C-Kermit. There is no restriction of publishing security source code,
only binaries. When binaries are sold, that gives the required degree of
accountability as to where they are going.
Kermit 95's SSH code will be published; it is "merely" an adaptation of
OpenSSH. The parts that will not be published, as stated on the website,
are parts that Columbia does not hold the rights to. The main piece that
falls into this category is the XYZMODEM code, which was licensed from a
company in Finland. Other pieces include some obscure networking methods
like "SuperLAT". Also the graphical Dialer... I suppose the code for that
can be released, but the software that "compiles" the code no longer exists;
the company that made it disappeared.
As for the Kermit 95 manual, I received permission a few days ago to release
it to the public and it is now available in the Kermit website. In the time
I have left, I'll do my best to get a reasonable K95 source package
together. I also have to release a major new C-Kermit version (no small
task). Meanhwile, I have just released Embedded Kermit with an Open Source
license.
It's nice to see all the reminiscing about Commodore 64s and 300-baud modems
and BBSs and such, and it appears that many Slashdot readers are surprised
to find the the Kermit Project still exists after all these years if all
Kermit software does is transfer files VERY SLOWLY over 300-baud modems and
emulate a VT52, but the Kermit Project website is where it has always been
and you could spend several weeks reading it to find out what you missed
since 1983. A good place to find an overview is here:
Like all of you, I wish Kermit software could have been "Free in the sense
of Freedom" all these years, but once Kermit had fulfilled the original
purpose for which it was created at Columbia, the only way Columbia was
going to allow us to continue working on it was if we raised the money
ourselves. And doing so, we provided good jobs for a fair number of people
for about 20 years each, on average, and I like to think we made a
difference.
Frank da Cruz
Founder, Director, and sole surviving member,
The Kermit Project, Columbia University, 1981-2011.
Actually that's what is so devious about it. I thought there was but on second glance, the "King
George II" reference comes from separate pages on
the same site, most likely
this one.
No, the point was that postal addresses (not email)
addresses were being picked up, and in a fairly
sophisticated manner. I believe the Web page in
question is
http://www.columbia.edu/kermit/k95.html which contains our postal address (near the bottom)
and also mentions King George II (near the top). The
address harvester recognized the postal address (no big accomplishment) but also picked out "King George II" as a name. Which I suppose it could be!
Slashdot Mirror
The source code for the Kerberos, SSL/TLS, and SRP security in Kermit 95 is already publicly available, and has been since 1997, since it is shared with C-Kermit. There is no restriction of publishing security source code, only binaries. When binaries are sold, that gives the required degree of accountability as to where they are going.
Kermit 95's SSH code will be published; it is "merely" an adaptation of OpenSSH. The parts that will not be published, as stated on the website, are parts that Columbia does not hold the rights to. The main piece that falls into this category is the XYZMODEM code, which was licensed from a company in Finland. Other pieces include some obscure networking methods like "SuperLAT". Also the graphical Dialer... I suppose the code for that can be released, but the software that "compiles" the code no longer exists; the company that made it disappeared.
As for the Kermit 95 manual, I received permission a few days ago to release it to the public and it is now available in the Kermit website. In the time I have left, I'll do my best to get a reasonable K95 source package together. I also have to release a major new C-Kermit version (no small task). Meanhwile, I have just released Embedded Kermit with an Open Source license.
It's nice to see all the reminiscing about Commodore 64s and 300-baud modems and BBSs and such, and it appears that many Slashdot readers are surprised to find the the Kermit Project still exists after all these years if all Kermit software does is transfer files VERY SLOWLY over 300-baud modems and emulate a VT52, but the Kermit Project website is where it has always been and you could spend several weeks reading it to find out what you missed since 1983. A good place to find an overview is here:
http://kermit.columbia.edu/kermit.html
The transition plan is here:
http://kermit.columbia.edu/transition.html
and progress is reported here:
http://kermit.columbia.edu/whatsnew.html
Like all of you, I wish Kermit software could have been "Free in the sense of Freedom" all these years, but once Kermit had fulfilled the original purpose for which it was created at Columbia, the only way Columbia was going to allow us to continue working on it was if we raised the money ourselves. And doing so, we provided good jobs for a fair number of people for about 20 years each, on average, and I like to think we made a difference.
Frank da Cruz
Founder, Director, and sole surviving member,
The Kermit Project, Columbia University, 1981-2011.
Actually that's what is so devious about it. I thought there was but on second glance, the "King George II" reference comes from separate pages on the same site, most likely this one.
No, the point was that postal addresses (not email) addresses were being picked up, and in a fairly sophisticated manner. I believe the Web page in question is http://www.columbia.edu/kermit/k95.html which contains our postal address (near the bottom) and also mentions King George II (near the top). The address harvester recognized the postal address (no big accomplishment) but also picked out "King George II" as a name. Which I suppose it could be!