Seriously, is this any surprise? Every time I go looking for some generic piece of software (as opposed to some specific software I already know and trust), I usually have to sift through a bunch of crap links to sites that exists for no other purpose than to collect ad revenue.
Dunno what sites you're looking at. I just go to Freshmeat.
If you buy this song, you run the risk that it somehow ends up on the filesharing networks with your name written all over it
'Somehow'? How, exactly? By you uploading it to a filesharing network, perhaps? There is no other way (and no, there do not exist Russian botnet gangs trying to compromise your machine in order to copy your Britney MP3s).
The SCO Group's market valuation compared against the winnings they hope to get from lawsuits lets you calculate the market's view of the chance that they will be successful. A few years ago someone calculated that the chance of SCO winning was about 3.7%. SCO's current market capitalization is about $10M. I don't know if the book value of their assets is worth anything - probably not if they owe Novell almost all that money they got from Microsoft. So somebody, somewhere still thinks there is a faint chance of being awarded _something_. But certainly not the $5G crazy money figures they used to throw around.
Think in binary all you want - having binary prefixes for 1024, 1024^2, 1024^3, 1024^4 and so on is probably a good idea. But don't misuse the standard kilo-, mega-, giga-, tera-. Since 1024^3 is not the same as 1000^3, it should get a different prefix. Because the prefix kilo- is already taken (and was defined as 1000 long before digital computers were invented), we need to use some other prefix to mean 1024.
In a way it is misleading to expect 'the components to act the same way' when talking about disks or network cards. Unlike RAM, disks don't have a power-of-two organization and there is no particular reason why blocks of 2^23 bits are more appropriate than any other size for measuring capacity.
I think that the '40 megabyte' branding is just rounding to a multiple of ten... but anyway, the first commercial hard disk, the IBM 305, had a capacity of five megabytes - five million bytes, exactly - and was sold as such. Actually, it could have held more, but marketing thought that five megabytes was a nice round number. (Some of the space was taken for error correction, though.)
(The long series of calculations you have to go through in your post are the best argument for ditching the 1024*1024*1024 nonsense and just using thousands, millions and billions like the rest of the world.)
Yeah, and while we're at it, let's stop all that marketing bullshit in the network card industry, which sells so called 'gigabit Ethernet' cards that actually only manage 1_000_000_000 bits per second, and in processor speeds, which give you a processor several percent slower than you were expecting by using a crooked definition of gigahertz.
I think the largest part of the 'cost' is promotion.
Also bear in mind that only a small proportion of artists are commercially successful. Charging a high price for the tiny few who do succeed is what covers the costs of the large number who don't. Perhaps it is wrong to call this 'costs' - maybe a better way of expressing it is that the large profit on some acts covers the many small losses on less successful acts.
However, I don't have the numbers on how much record companies spend on promoting small acts that they hope will be a success, but ultimately end up losing money. So this justification may not hold water.
Dear anonymous coward, the exploit (if you call it that) is for pure Java (there is a pure-Java demo on the site), but there is also a thing called LiveConnect that lets you call Java functions from JavaScript, which allows a more compact implementation.
The whole point of Java was that it was super-sandboxed when running applets and you could enable it for all sites. To prevent phishing, any windows created by a Java applet would have to show 'Warning: Applet window' and a big red border or something like that. I wonder what went wrong to allow this attack, and whether it has been in Java since the beginning (i.e. would work even with Netscape 2.0) or takes advantage of some recently added kewl feature that forgot to do sandboxing properly.
I think that the danger of a software patent can be divided into two parts: whether the program falls within the scope of the patent, and whether the patent would hold up in court. If someone patented quicksort and your program implements quicksort, then it infringes the patent without question, and you don't need to go to court to determine that. However, if the patent holder tried to sue then you could almost certainly get the patent overturned.
I think we are in agreement. Any complex program will 'infringe' on software patents, and in particular Linux does so - but this is not necessarily something to worry about. I was responding to an earlier post that questioned whether 'open source' code released by Microsoft should be avoided because it could not be guaranteed to be 'patent-free'. I pointed out that virtually no complex program is 'patent-free' and mentioned that Linux infringes on lots of software patents, yet this is not a reason to avoid using Linux.
Since Microsoft are submitting their licence text to the OSI for approval, you don't need to be completely certain what rights it grants you - if you trust the OSI, you can take their judgement about whether the licence is free or not. If you don't trust the OSI's judgement then you must read the text and judge for yourself. But if you decide it's non-free, it would be better to do so by finding specific parts of the text which make the software non-free (or whose meaning is unclear and might make it non-free), rather than by reasoning that if it comes from Microsoft then it must be bad.
I don't think it is helpful to talk in terms of 'IP' (since that muddles together copyright and patents) and especially not 'IP theft' which makes it sound like some kind of moral issue. Any complex operating system infringes software patents. Some of those patents would likely be invalidated in court, some of them are stronger and would not be. Some of the patents will be held by Microsoft and some by other companies. That's just the way it is (in the USA anyway).
If a patent ends up implemented in OSS one should prove the implementation has been stolen or the patent should have expired/not have been awarded in the first place.
That is a good outcome, but it's not always possible. You and I may think a patent should not have been awarded, but the patent office and the courts may think otherwise. It's fantasy to imagine that every single software patent can be overturned. Often you just have to live with them (a good example was the Unisys GIF patent that stopped people distributing GIF-encoder software in the United States.)
The right answer is not to rely on challenging individual patents, but to fix the whole system so that patents are not granted for computer programs (those being covered by copyright instead). I am not defending the software patent system at all, just pointing out the reality, which is that Linux infringes software patents held by others.
The GPL doesn't allow easy mixing with code under any other licence. It doesn't when the result wouldn't be free.
No, it does not allow it at all. If you distribute a derived work of a GPLed program (unless you have special extra permission from the copyright holder) then the whole resulting work must be distributed under the GPL or not distributed at all.
Studies - not done by Microsoft - have found that just the kernel violates hundreds of software patents. Even if you dispute the exact number, there's no way that it is zero. Have you seen the triviality of many software patents? It is impossible to write a complex program without infringing on patents held by others.
This is not FUD and it is not something to be ashamed of. Microsoft Windows also violates patents held by others. Practically all software does.
There's no violation until a court of law states there is.
This is clearly not true. If a patent is infringed, it is infringed now, even though you may not discover the fact of the infringement until later.
* Are we guaranteed that the code is patent-free and will always be open for continued use?
You are not guaranteed that with any other free software program. In fact, it's almost guaranteed that it does infringe software patents (both those existing now, and those that will be granted in the future).
* Does their shared-source license allow easy mixing with other FLOSS code, eg GPL and BSD licenses?
The GPL doesn't allow easy mixing with code under any other licence, so this seems a little unfair - but yes, practically speaking it may be a problem. Mixing with MIT-style or new-style BSD code is usually unproblematic since you can just relicense that code to match the fussier licence.
* Is there another, more well-established solution to the problem their code is solving?
Almost all free software projects fail this test.
* And considering the "stability" of M$ products, do we even trust the code to do what they claims
The whole point is that you can read the code for yourself, so you don't have to trust anyone.
I think a better list of things to consider is whether you have freedom to (1) use, (2) share, and (3) change the software. If you can do all those then it's free software, no matter which company it came from. There's no reason to hold Microsoft-written code to a different standard to other code. If it's free it's free.
I feel the OpenBSD guys are right. In general, a simpler system is less likely to have bugs (and hence security holes) than a more complex one. Indeed the first rule of programming is 'keep it simple'. CVS is an old program, having started life as a collection of shell scripts around RCS and then been gradually borged into a C program. CVS development hasn't exactly been rapid in the past few years and it is barely being maintained (look at the CVS site on Savannah).
CVS has had plenty of security holes and still does (like this one I found recently). In many ways it's a classic example of the kind of crusty traditional Unix program that the OpenBSD people have done such a good job securing, rewriting and replacing over the past decade.
As for moving to Subversion - plenty of people are happy with CVS; it has its limitations, but what it does, it does well. The project has a lot of infrastructure built round CVS and if the development process ain't broke, why fix it?
How does an individual customer have any chance of determining whether the slots are 'tight' or 'loose'? You might notice one or two big wins on a particular day, but it's unlikely to be statistically significant - that is, whatever effect you observe is more likely to be caused by chance than by the casino adjusting the average payout.
In Britain I believe gambling machines are required to state the average payout on the front.
The 'extra virgin' classification doesn't mean very much now, if it ever did. It essentially means it comes from the first pressing of the olives. But with modern machinery, the first pressing can extract a large amount of oil. In some countries most olive oil produced counts as extra virgin, with lower grades made in smaller quantities. So it's not exactly a waste to use it for frying - it often isn't much more expensive than lower-grade olive oil.
You are right that chemically it may not be well suited for frying. Perhaps lard is best after all.
As I understand it, what matters is *published* prior art. You can get a patent invalidated if there was prior art that the patent office missed - but not just because somebody was already using the same invention in secret.
However, you may not want the examiner to be able to see all prior art. As Don Marti pointed out, that would just allow patent troll companies to design more cleverly worded patents that get around the prior art but are still able to cause damage - and indeed are more difficult to invalidate. Better to publish in a way that can be proven in court later, but not in a way that makes it easy for patent trolls and the patent office (who both have a vested interest in granting, not rejecting patents) to use it.
Suppose you can see when the front of the car passes the back of the detector, and when the front of the car passes the front of the detector. That gives you its speed (time taken divided by the length of the detector, which you know). Then suppose you can see when the back of the car passes the back of the detector. This lets you work out the length of the vehicle: speed times the time between when the front of the car passes the back of the detector and when the back of the car passes the back of the detector.
I'm not saying it necessarily works like that, but it shows that if the detector is more complex than just a single point that records 'light' or 'darkness', you can work out length and perhaps other characteristics of the vehicle as well as how fast it is travelling.
A few years back there was a Krusty Kola in real life, with the slogan 'nine out of ten kids can't tell the difference!'. It wasn't a commercial success, perhaps because its deliberately sick-looking yellow-green colour was too much for most children to handle...
Slashdot Mirror
Remind me again, which of the two formats is less evil? Does either of them have a hope of being played with free software?
The SCO Group's market valuation compared against the winnings they hope to get from lawsuits lets you calculate the market's view of the chance that they will be successful. A few years ago someone calculated that the chance of SCO winning was about 3.7%. SCO's current market capitalization is about $10M. I don't know if the book value of their assets is worth anything - probably not if they owe Novell almost all that money they got from Microsoft. So somebody, somewhere still thinks there is a faint chance of being awarded _something_. But certainly not the $5G crazy money figures they used to throw around.
Think in binary all you want - having binary prefixes for 1024, 1024^2, 1024^3, 1024^4 and so on is probably a good idea. But don't misuse the standard kilo-, mega-, giga-, tera-. Since 1024^3 is not the same as 1000^3, it should get a different prefix. Because the prefix kilo- is already taken (and was defined as 1000 long before digital computers were invented), we need to use some other prefix to mean 1024.
In a way it is misleading to expect 'the components to act the same way' when talking about disks or network cards. Unlike RAM, disks don't have a power-of-two organization and there is no particular reason why blocks of 2^23 bits are more appropriate than any other size for measuring capacity.
I think that the '40 megabyte' branding is just rounding to a multiple of ten... but anyway, the first commercial hard disk, the IBM 305, had a capacity of five megabytes - five million bytes, exactly - and was sold as such. Actually, it could have held more, but marketing thought that five megabytes was a nice round number. (Some of the space was taken for error correction, though.)
(The long series of calculations you have to go through in your post are the best argument for ditching the 1024*1024*1024 nonsense and just using thousands, millions and billions like the rest of the world.)
Yeah, and while we're at it, let's stop all that marketing bullshit in the network card industry, which sells so called 'gigabit Ethernet' cards that actually only manage 1_000_000_000 bits per second, and in processor speeds, which give you a processor several percent slower than you were expecting by using a crooked definition of gigahertz.
Why not? There is a lot of empty space in Arizona.
I think the largest part of the 'cost' is promotion.
Also bear in mind that only a small proportion of artists are commercially successful. Charging a high price for the tiny few who do succeed is what covers the costs of the large number who don't. Perhaps it is wrong to call this 'costs' - maybe a better way of expressing it is that the large profit on some acts covers the many small losses on less successful acts.
However, I don't have the numbers on how much record companies spend on promoting small acts that they hope will be a success, but ultimately end up losing money. So this justification may not hold water.
Dear anonymous coward, the exploit (if you call it that) is for pure Java (there is a pure-Java demo on the site), but there is also a thing called LiveConnect that lets you call Java functions from JavaScript, which allows a more compact implementation.
The whole point of Java was that it was super-sandboxed when running applets and you could enable it for all sites. To prevent phishing, any windows created by a Java applet would have to show 'Warning: Applet window' and a big red border or something like that. I wonder what went wrong to allow this attack, and whether it has been in Java since the beginning (i.e. would work even with Netscape 2.0) or takes advantage of some recently added kewl feature that forgot to do sandboxing properly.
I think that the danger of a software patent can be divided into two parts: whether the program falls within the scope of the patent, and whether the patent would hold up in court. If someone patented quicksort and your program implements quicksort, then it infringes the patent without question, and you don't need to go to court to determine that. However, if the patent holder tried to sue then you could almost certainly get the patent overturned.
I think we are in agreement. Any complex program will 'infringe' on software patents, and in particular Linux does so - but this is not necessarily something to worry about. I was responding to an earlier post that questioned whether 'open source' code released by Microsoft should be avoided because it could not be guaranteed to be 'patent-free'. I pointed out that virtually no complex program is 'patent-free' and mentioned that Linux infringes on lots of software patents, yet this is not a reason to avoid using Linux.
Since Microsoft are submitting their licence text to the OSI for approval, you don't need to be completely certain what rights it grants you - if you trust the OSI, you can take their judgement about whether the licence is free or not. If you don't trust the OSI's judgement then you must read the text and judge for yourself. But if you decide it's non-free, it would be better to do so by finding specific parts of the text which make the software non-free (or whose meaning is unclear and might make it non-free), rather than by reasoning that if it comes from Microsoft then it must be bad.
I don't think it is helpful to talk in terms of 'IP' (since that muddles together copyright and patents) and especially not 'IP theft' which makes it sound like some kind of moral issue. Any complex operating system infringes software patents. Some of those patents would likely be invalidated in court, some of them are stronger and would not be. Some of the patents will be held by Microsoft and some by other companies. That's just the way it is (in the USA anyway).
The right answer is not to rely on challenging individual patents, but to fix the whole system so that patents are not granted for computer programs (those being covered by copyright instead). I am not defending the software patent system at all, just pointing out the reality, which is that Linux infringes software patents held by others.No, it does not allow it at all. If you distribute a derived work of a GPLed program (unless you have special extra permission from the copyright holder) then the whole resulting work must be distributed under the GPL or not distributed at all.
This is not FUD and it is not something to be ashamed of. Microsoft Windows also violates patents held by others. Practically all software does.This is clearly not true. If a patent is infringed, it is infringed now, even though you may not discover the fact of the infringement until later.
I think a better list of things to consider is whether you have freedom to (1) use, (2) share, and (3) change the software. If you can do all those then it's free software, no matter which company it came from. There's no reason to hold Microsoft-written code to a different standard to other code. If it's free it's free.
I feel the OpenBSD guys are right. In general, a simpler system is less likely to have bugs (and hence security holes) than a more complex one. Indeed the first rule of programming is 'keep it simple'. CVS is an old program, having started life as a collection of shell scripts around RCS and then been gradually borged into a C program. CVS development hasn't exactly been rapid in the past few years and it is barely being maintained (look at the CVS site on Savannah).
CVS has had plenty of security holes and still does (like this one I found recently). In many ways it's a classic example of the kind of crusty traditional Unix program that the OpenBSD people have done such a good job securing, rewriting and replacing over the past decade.
As for moving to Subversion - plenty of people are happy with CVS; it has its limitations, but what it does, it does well. The project has a lot of infrastructure built round CVS and if the development process ain't broke, why fix it?
How does an individual customer have any chance of determining whether the slots are 'tight' or 'loose'? You might notice one or two big wins on a particular day, but it's unlikely to be statistically significant - that is, whatever effect you observe is more likely to be caused by chance than by the casino adjusting the average payout.
In Britain I believe gambling machines are required to state the average payout on the front.
No I can't provide a link... and I suppose I should not be too surprised that some moderator has flagged the comment 'informative'...
The 'extra virgin' classification doesn't mean very much now, if it ever did. It essentially means it comes from the first pressing of the olives. But with modern machinery, the first pressing can extract a large amount of oil. In some countries most olive oil produced counts as extra virgin, with lower grades made in smaller quantities. So it's not exactly a waste to use it for frying - it often isn't much more expensive than lower-grade olive oil.
You are right that chemically it may not be well suited for frying. Perhaps lard is best after all.
According to Wikipedia, the average per-character entropy of English text has tripled in the last six months!
As I understand it, what matters is *published* prior art. You can get a patent invalidated if there was prior art that the patent office missed - but not just because somebody was already using the same invention in secret.
However, you may not want the examiner to be able to see all prior art. As Don Marti pointed out, that would just allow patent troll companies to design more cleverly worded patents that get around the prior art but are still able to cause damage - and indeed are more difficult to invalidate. Better to publish in a way that can be proven in court later, but not in a way that makes it easy for patent trolls and the patent office (who both have a vested interest in granting, not rejecting patents) to use it.
Suppose you can see when the front of the car passes the back of the detector, and when the front of the car passes the front of the detector. That gives you its speed (time taken divided by the length of the detector, which you know). Then suppose you can see when the back of the car passes the back of the detector. This lets you work out the length of the vehicle: speed times the time between when the front of the car passes the back of the detector and when the back of the car passes the back of the detector.
I'm not saying it necessarily works like that, but it shows that if the detector is more complex than just a single point that records 'light' or 'darkness', you can work out length and perhaps other characteristics of the vehicle as well as how fast it is travelling.
A few years back there was a Krusty Kola in real life, with the slogan 'nine out of ten kids can't tell the difference!'. It wasn't a commercial success, perhaps because its deliberately sick-looking yellow-green colour was too much for most children to handle...