Maybe employing Runes for the first two "S" and propagating that 'spelling' will make people stop and think about the beast. Although its on par with "Micro$oft", legislation with that conotation might be a little harder to push through.
But then it's probably tacked at the end of a long list of laws to be decided over all at once, as the last item in some friday afternoon session.
Well, if the alternatives are, doing something anonymous, or standing up for it and daring a lawsuit this may be right. But if the alternatives are, doing something anonymous, or not doing anything at all for fear of a lawsuit, doing something might be the better path of action.
I think, that in the case in question the anonymous programmer has done enough to make the security flaw public (he demonstrated it to the author of the article AFAIK) while opening himself not too wide to lawsuits. Now releasing the code (even on freenet) wouldn't be a good course of action, since this might give microsofts lawyers enough of a lever to subpoena his name from MIT Tech. Rev. It would be inconsistent with his previous course of action too.
Maybe an even better course of action would be, to anounce a security hole but refusing to let out anything else about it "for fear of being sued". One might even go as far as saying that an exploit was never implemented, since even that would be against the DMCA. But one would surely need some lawyers to test the grounds of this.
Maybe the security experts should just leave it up to the writers of trojan horses, worms and virii to find security holes in products whose manufacturers decide to rely on the DMCA for their security and then just point out the number of exploits. I don't know how better to get home the point, that a security hole exists, regardless if it's made public or not.
Well, anyone who really wants to know will know where to look for the true MHz numbers, maybe he'll also know what these numbers are telling him. Since the advent of the P4 comparing MHz numbers for different processor types has become utterly useless, and even before it was just good enough to tell if an Athlon and a P3 played in the same league. Anyone who wanted to know about the performance for a specific app looked it up, and i don't bother much about the types who have too much money to throw it after a 2GHz P4. Most of those would probably be served better with the framerate of q3demo for a reference, but honestly it's not my problem.
Nevertheless the MHz Hype never ended, first AMD used it when they crossed 1GHz, now intel uses it shamelessly with the differently designed P4, not bothering people too much with too many gooey details like pipeline length. Well, still MHz sells, and probably the shops will find a way to clue the customers up about that number if it helps sell.
The sad part about it is, that the MHz number hade quite a little use, for example to compare two Athlons only differing in MHz-rate, knowing that the last 100 MHz gave you a 4% performance boost for a specific ppp, you can't hope for more for the next 100 MHz upgrade. Also it was quite helpful to judge the difference between say a 100 and a 133 FSB, with the same MHz-rate. But as i said, the numbers will be there for those who want to know em.
In fact the United States didn't honour copyright either, they only did so at the beginning of the 20. century. So many popular works were blatantly copied in the USA and the Government didn't even do as much as raise a finger about that. So the USA only began to be concerned about international IP-Laws, when it fit their bill, and when the US american business would profit from it.
Sorry, i don't see anything wrong, with other countries making their own laws with regard to IP-laws. Especially regarding the current state of US american IP-legislation (apparently the product the USA are most eager to export). Maybe it will help to create more sensible international IP-legislation, but most of all, it'll help to break monopolies built solely on ip-laws. Such monopolies are not a good thing, the restrictions of IP-legislation like the DMCA does more harm than good to international R&D.
Where before the industry, the science and the technical knowledge was employed to establish the status quo and cheat 'poorer' countries out of their rich natural resources, now IP-laws are put to work. Japan did the right thing, when they decided 'learn' from other countries to bootstrap their industrial revolution about 1980. Why shouldn't other countries now do the same. Why should these countries consider themselves bound by legislation that originated in the USA and mostly benefits other countries, not them? Why adopt and enforce laws, that hurt their own business?
I really wonder. I mean, there's a company as big as Microsoft, As we all know they have a good marketing team (apparently their marketing is better than the developers, but nevermind), and they don't even manage to do these fake letters right. I mean, this is obviously a planned thing (they even had a statement ready for damage control, after it was discovered), so we can only conclude, that Microsoft wasn't able to come up with enough genuine letters. They could've hired a team of language professors, they could've done som search&replace on other similar letters, they could've built a whole database system compiling genuine support letters. But no, they did it in such an obvious way, even pupils can do better, when copying down their homework from someone else. I think, much scarier than microsofts attempts at world domination is their incompetence.
This shows in marketing, the recent campaigns agains Linux and against softwarepirates did more to discredit Microsofts statements and to drive people away from their products, than to build more customer-relationships. It shows in Microsofts obvious carelessnes with respect to the still ongoing legal battles (their stalling strategies are too obvious, and they're bundling other applications with windows XP, regardless, making it very hard for the courts to be generous about it). And now their incompetence is showing in this campaign, which, now that it became public, is worse for Microsoft, than anything Sun could do to Microsoft with the recent haggling about bundling Java with Windows XP.
Well, i don't know what's disturbing me most: Microsofts success, despite their incompetence, or their incompetence despite their success.
It's even possible, that they launch this attack not from their home account (which would be dumb anyway,... ok they would), but from some server they have access to (maybe by having hacked it before), with a broadband connection. Just because the attacker is connected to the internet via an 56k modem doesn't mean the attack is launched via that line.
But let's not get that in the way of Microsofts denying the relevance of this attack.
Well, be assured of one thing: If Linus would try to change the license-terms of the kernel (beyond some point), even if that was legally possible (which it probably isn't considering all the contributions from people all over the world) there wuld be some ruckus. It would probably include multiple forks of the Linux-Kernel, big haggling over who's in control of kernel-development, people wandering to BSD or trying Hurd. In the essence it would make anything that Linus would draw out of that deal much less worth than what Linux (the kernel) is now. Anyway, it's highly improbable that Linus would even consider such a dumb move...
When reading the following snippet about version changes i decided to do as suggested and have a look at the license:
Read the licenses carefully and rip out parts which give Stallman any possibility to influence your future. Phrases like
[...] GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version.
just invites him to screw you when it pleases him. Rip out the "any later version" part [...]
And sure enough, it wasn't part of the License itself, but of the (although suggestive) part on how to apply the license to your source code. In the License it says:
13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. [...]
Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation.
This clause seems a little strange at first, and note, that you can restrict the licensing of a library to a specific version of the LGPL (although it's not explicitly said so you can do so by specifying the LGPL-Version). I think there is a good reason for using that option though, as long as one assumes, that the LGPL and the GPL will stay the same in spirit (the [...] part in above quote): what if you merge two libraries or use part of one library with part of another, soon you'll probably find all versions of the LGPL applicable to different parts of the code. Also an upgraded Version might close some loopholes of previous ones, so if you trust the FSF to do the right thing with the LGPL it's probably a good thing to leave the option of a License upgrade open to later developers. And anyway, as long as one person or group of persons keep control of a project (in the sense of being responsible for it) it's their choice, what specific licence the actual code ships with.
I also noted, that (3) allows to elevate LGPLd code to GPLd code. Again this makes sense, in the case that you want to use LGPLd code in a GPLd project (but not vice versa, which wouldn't make sense anyway, since that would 'degrade' the GPL to the LGPL). I think these paragraphs are in there for convenience's sake and not to give RMS total control over anything GPLd. Anyway, ripping the first quoted snippet out of context and using it to picture RMS as a controlfreak is, in my opinion, bad style. RMS often enough comes through, well, overenthusiastic, to say the least. The "GNU/Linux" vs. "Linux" debate doesn't help that either, but let's be honest, Linux wouldn't be what it is today, hadn't the GNU Software and the free software idea already been in place.
I don't think this stuff can survive in open source software. If it comes in an open source package, guess how fast a fork would exist without this "feature"? And if the software it comes with isn't open source, then people would just go for OS-alternative, or even program one themselves.
Another thing is, that the typical Linux/UNIX user is less inclined to have the control over his box wrested away by the OS or some stupid application as most windows users who are used to giving up control over their computer when installing the OS.
Ok, you load a page, see an XYZ-ad, and XYZ paid for the content. And guess who pays XYZ for the advertising? Their customers, one of which might very well be you! Let's say on the average enough readers of aforementioned page prefer the advertised products over competing products, so the costs for advertising is paid by the slightly higher price (if not, why advertise at all?). So at the end of the day the readers of the page not only pay for the content, but also the advertising company by paying more for the products. And all that for obnoxious ads?
Nvidia even makes their hardware talk to DirectX. That means games programed in DirectX will probably get the most out of that graphics boards, and considering nVidias marketshare that's not a bad idea. It gets even better if other chipset manufacturers do that too. And let's be honest, even most linux-folks out there have a w98 boot option if they want to play games not available for Linux. So marketshare is even less of an argument.
The problem with all this is, that DirectX gives Microsoft yet another lever to dominate multimedia formats and applications, for example formats for animated content (let's see if flash-plugins and shockwave go the way of netscape and realplayer in the near future) and this is big: every advertiseing company wants that, guess what they'd pay for development kits, if the stuff is guaranteed to display properly in IE.
Because any script-kiddy reading that article will probably get a hard-on, hacking in there. And they probably won't give a call in advance or leave their address and office hours with the FBI. Well, if i found a security hole on their site i sure as hell wouldn't inform anyone about it, and surely not them.
I really hope their zero-tolerance-policy blows up in their face and leaves them with the shit they deserve, so they serve as a bad example. With their action they only scare law-abiding folks from reporting security-holes to them, but no crackers who stand on the wrong side of the law anyway.
If you want to avoid such troubles you have some options:
- not upgrading at all (do you really need the newest spiffiest kernel?)
- upgrade only after there was some discussion, so you'll be warned about trouble
- wait for the first patches, see if they fix the things you need
- wait for a precompiled kernel (say as rpm) for your distribution
If you want the newest Kernel from kernel.org the day it comes out you're expected to keep your old kernel so you can use that if the newest stuff don't work, and that you take a glance at the compile logs and use that option if something comes up you can't handle.
You don't need to edit "the friggin source code", it's an option. If that newest MS-Stuff breaks you're without that option, you have to roll back (if you can). Since users with the level of knowledge you hint at, are probably relying on their distribution for precompiled kernels i don't see your problem.
Hmm, being a physicist i even know how that superheated water thing works, you can heat water a little above the boiling point without it becoming steam. Only when you disturb it it will boil. Until then it's in an instable equilibrium state. The effect is even used in Bubble chambers: the disturbance by a charged particle is enough to result in a track of bubbles, thus making the particle visible (but be sure to get the timing of that photo right, or you could as well take a photo of your teapot). In chemistry we even learned to put something with an irregular surface in a testing tube before heating it, because it doesn't need a microwave for the effect, nor water. Any liquid being heated 'carefully' enough (and in a container with smooth enough surfaces e.g. glass) will do.
So i wouldn't have discounted that superheated water story anyway. But that also means, before accepting or discounting such a story one should think if one has expertise on the subject. By dismissing it all as a hoax you became the false authority. It's rather better to say "Well i don't know about that, i have to know more before making a statement", maybe followed by "but i don't believe in it". It's ok to have an opinion about the credibility of a statement, but it should be marked thus.
Yeah, wonderful, apart from the bad analogy part, let's play with this one: I have a cheap piece of junk as a plane, your's is quite expensive, also i know where your plane is because i have enough people with binoculars scattered around the world. To make things complete let's limit maneuverability a little, maybe i always know where you'll have to land next to refuel (you know, those sats have limited fuel, your choices of orbits and orbitchanges is thus rather limited.
Now comes the interesting part: Let's say i think i can get away with ramming your plane since you didn't register your course with the correct authorities (neither did i, so it'll all be christened an "accident" later), and i have a grudge against you, because of what you said about my mother.
Now just remember the political chaos that ensued after the US-Spyplane was hit before the chinese coast.
the author makes accidentally an unintended interesting point
... and all that just from mixing up IP (Intelectual Property) with IP (Internet Protocol). As a sidenote: if you outlaw IP (the Internet Protocol) you outlaw the Internet. Anything you put in place of that is not the Internet and should be called different. Don't let anyone get away with 'innovating' a 'new' Internet or somesuch, so that their restricted-net is not confused with the internet (although some organisations already work hard to pervert the basic idea of the internet, namely to have a network of freely communicating participants).
I don't know the reasoning of the EFF, but i guess, they want to go into the talks with adobe with as much options as possible. Once the protests happened it wouldn't make much sense to protest again (many people won't go twice, and the media will most likely not cover a second protest with the same intensity as the first one). So once the protests happened, repeating them is much less of a threat. Hence holding back the protests gives the EFF much more to bargain with.
I think that's a perfectly valid way of reasoning, another is, to use the protests to heighten public awareness of the case and use the publicity of the case in the bargaining ("if you don't want any more egg on your face you better act in a sensible way now"). I think the second way of reasoning is a better longterm strategy, since adobe (and others) will then think twice before pulling similar stunts.
There is another point to consider: The protests should be organized, some protesters with noone to explain to the media, what the issue is, will do no good. What's even worse, it will, as explained, reduce the impact of future protests. Hence i think the protesters should follow the EFFs decisions, since even if the decisions are bad (and it's disputable if they are), half of a protest is worse.
This document (link thankfully provided by another post) goes to great length to explain:
- That serious damage was already done, since the paper wasn't presented at the conference it was supposed to
- That the legal threats were only drawn back after the damage was done.
- That other (closely related) publications may suffer a similar fate
- That nothing prevents the RIAA from using the same tactics again
- That the legal threat was used to also prevent publication of material not covered by the DMCA
- That scientific work was already harmed by the RIAA's interpretation of the DMCA, and that it will be harmed in the future
This is reason enough to ask for a judgement here, since that is the only way to prevent threats of similar calibre, and the document states that quite clearly. It also points out, that the DMCA conflicts with the first amendment in some aspects, so asking the court for a ruling seems to be the only way to make it clear, what the scientists may publish and what not, if they don't want to risk a lawsuit.
It's very obvious to all, that what happens is, that the EFF calls the RIAA's bluff, but the EFFs lawyers used a lot of language to point out why this is necessary.
ROT13 is a well known, weak, and well known to be weak, encryption. Also it's an obvious one, seeing a text in gibberish, but all ascii, 'words', and some short words that repeat then ROT13 is a good guess. In Unix De/Encrypting is a one-liner. I remember it being used in some usenet groups (alt.jokes.* or so) to prevent people from accidentally reading a joke they might find offending. After seeing some of those Messages i could almost read it faster than press the button to decrypt it.
So i always considered ROT13 'encryption' as a low hurdle to show you made an attempt at preventing a casual reader from reading something he might find offensive. If you must use an analogy then a fence with stairs over it to keep the cattle in, but let people pass would be more like it, than a house with a weak lock. Or like putting a book on a high shelf, to prevent the young one from stumbling over it. The letter analogy is flawed anyway because anyone who wants to look at the letter must get it from your mailbox first. Again a better analogy would be to put an opened letter face down on your table to prevent someone else in the room from scanning over it. Basically you trust in that persons good judgement not to flip the letter over when you go for the loo.
If the law doesn't protect your file from unwanted readers in the first place, then ROT13-encyption sure won't do either.
The attempt at helping the teachers to read their documents was misguided. For a start a teacher should know better than installing one copy of office on multiple computers. There's a simple solution by using staroffice, but that's not the point.
My main point is: by installing office on the computers of one school the problem is only solved for that school. For other schools, still lacking versions of office, the problem has become worse: they now get even more frustrating worddocuments. Instead the teachers should turn their frustration on the originators of that damn Worddocuments and tell them to send the documents in different formats. Especially if the documents originate from some public organisation they should get the point over, that not everyone has access to word, to view, let alone edit, their documents.
The way to handle proprietary and restrictive standards is to make the originator of the content aware of the problem and make it his problem, not to go along with it as far as installing unlicensed software. But that only works if more than a hanful of people act that way. By letting themselves be forced to do Microsofts bidding (by installing the software and thus making it their own problem) the teachers only provide a bad example.
Sorry, but the action shout be in some proportion to the case in question, meaning:
Those were probably machines, most networked together and accessible for any student who wishes to log in and has some networkwide account (i'm assuming from other Universities). In these circumstances it's near impossible to have high security projects on those machines. All in all, in university networks availability is more important than security.
The process you describe is hence inappropriate to the case. The RC5 client doesn't even have known security holes, so the additional security risk due to the running clients is very low, regarding the environment (students that access the machines without getting some lecture about security, for one). So if you consider risk due to running an application with no known security holes high enough to make all that sanitizing necessary, most universities should probably sanitize their computers on a weekly basis.
The most sensible course of action (and what probably happened) was simply deinstalling the client on the machines and be done with it.
I don't know, how much of a 'worst case' scenario you want to make out of it, i simply think you're taking it a bit far there. Anyone could make that bill even higher by saying, that all Work done on those Computers in the past two years is to be considered compromised, all of it has to be done from scratch, and billing wor all that worktime and the costs of delayed projects (like you seemed to hint at with that accountant example in another post). Noone will do that, it's simply not realistic, but it can be used to calculate arbitrarily high damages.
Apparently once you trademarked one common term (Illustrator here) that empowers you to hassle anyone using derivatives of that term too. Now there is only a limited number of words which make sense for a certain class of application, and once all common words ('Illustrate', '...paint...', '...picture...') are used up then what?
I think it's overextending the protection trademarks provide, if they can be abused to prevent any competing product from being labeled with a name that makes half sense.
I think, Adobe will get some bad press from a certain community, so in effect the law-firms handling of the case is smearing Adobes name (they could've done with far less negative press by handling the case with a simple friendly letter, and i think the negative press outweighs $2000 for Adobe).
So if the lawyers are acting on their own, Adobe better gets a handle on this fast (Hey, its their IP the Lawyers are claiming to defend, they should have some say in the case) and does some damage control.
The only case, why adobe might really want the case handled like this is to scare away others, and scare the Maker of KIllustrator out of his wits to avoid it going to the courts (where they might loose) at all.
Maybe MS should go one step further, and go "VIRAL" itself (e.g., that anything you develop with THEIR SDK has to pass down this same restriction, so that YOUR USERS can't use "Publicly Available Software" either)! Why not go all the way?
They'd have to make it compatible with their own license then, else the license would work against itself, since the SDK Software (under a viral license) couldn't be used for development/distribution with itself (since its license prohibits its use with viral Software)
Maybe it's only hard to find in that jungle, but i didn't see a way out of the license, once you accepted it. It should be covered somewhere under 4) i think. There's an easy way out of the License for MS, at least.
Slashdot Mirror
Maybe employing Runes for the first two "S" and propagating that 'spelling' will make people stop and think about the beast. Although its on par with "Micro$oft", legislation with that conotation might be a little harder to push through.
But then it's probably tacked at the end of a long list of laws to be decided over all at once, as the last item in some friday afternoon session.
Well, if the alternatives are, doing something anonymous, or standing up for it and daring a lawsuit this may be right. But if the alternatives are, doing something anonymous, or not doing anything at all for fear of a lawsuit, doing something might be the better path of action.
I think, that in the case in question the anonymous programmer has done enough to make the security flaw public (he demonstrated it to the author of the article AFAIK) while opening himself not too wide to lawsuits. Now releasing the code (even on freenet) wouldn't be a good course of action, since this might give microsofts lawyers enough of a lever to subpoena his name from MIT Tech. Rev. It would be inconsistent with his previous course of action too.
Maybe an even better course of action would be, to anounce a security hole but refusing to let out anything else about it "for fear of being sued". One might even go as far as saying that an exploit was never implemented, since even that would be against the DMCA. But one would surely need some lawyers to test the grounds of this.
Maybe the security experts should just leave it up to the writers of trojan horses, worms and virii to find security holes in products whose manufacturers decide to rely on the DMCA for their security and then just point out the number of exploits. I don't know how better to get home the point, that a security hole exists, regardless if it's made public or not.
Well, anyone who really wants to know will know where to look for the true MHz numbers, maybe he'll also know what these numbers are telling him. Since the advent of the P4 comparing MHz numbers for different processor types has become utterly useless, and even before it was just good enough to tell if an Athlon and a P3 played in the same league. Anyone who wanted to know about the performance for a specific app looked it up, and i don't bother much about the types who have too much money to throw it after a 2GHz P4. Most of those would probably be served better with the framerate of q3demo for a reference, but honestly it's not my problem.
Nevertheless the MHz Hype never ended, first AMD used it when they crossed 1GHz, now intel uses it shamelessly with the differently designed P4, not bothering people too much with too many gooey details like pipeline length. Well, still MHz sells, and probably the shops will find a way to clue the customers up about that number if it helps sell.
The sad part about it is, that the MHz number hade quite a little use, for example to compare two Athlons only differing in MHz-rate, knowing that the last 100 MHz gave you a 4% performance boost for a specific ppp, you can't hope for more for the next 100 MHz upgrade. Also it was quite helpful to judge the difference between say a 100 and a 133 FSB, with the same MHz-rate. But as i said, the numbers will be there for those who want to know em.
In fact the United States didn't honour copyright either, they only did so at the beginning of the 20. century. So many popular works were blatantly copied in the USA and the Government didn't even do as much as raise a finger about that. So the USA only began to be concerned about international IP-Laws, when it fit their bill, and when the US american business would profit from it.
Sorry, i don't see anything wrong, with other countries making their own laws with regard to IP-laws. Especially regarding the current state of US american IP-legislation (apparently the product the USA are most eager to export). Maybe it will help to create more sensible international IP-legislation, but most of all, it'll help to break monopolies built solely on ip-laws. Such monopolies are not a good thing, the restrictions of IP-legislation like the DMCA does more harm than good to international R&D.
Where before the industry, the science and the technical knowledge was employed to establish the status quo and cheat 'poorer' countries out of their rich natural resources, now IP-laws are put to work. Japan did the right thing, when they decided 'learn' from other countries to bootstrap their industrial revolution about 1980. Why shouldn't other countries now do the same. Why should these countries consider themselves bound by legislation that originated in the USA and mostly benefits other countries, not them? Why adopt and enforce laws, that hurt their own business?
I really wonder. I mean, there's a company as big as Microsoft, As we all know they have a good marketing team (apparently their marketing is better than the developers, but nevermind), and they don't even manage to do these fake letters right. I mean, this is obviously a planned thing (they even had a statement ready for damage control, after it was discovered), so we can only conclude, that Microsoft wasn't able to come up with enough genuine letters. They could've hired a team of language professors, they could've done som search&replace on other similar letters, they could've built a whole database system compiling genuine support letters. But no, they did it in such an obvious way, even pupils can do better, when copying down their homework from someone else. I think, much scarier than microsofts attempts at world domination is their incompetence.
This shows in marketing, the recent campaigns agains Linux and against softwarepirates did more to discredit Microsofts statements and to drive people away from their products, than to build more customer-relationships. It shows in Microsofts obvious carelessnes with respect to the still ongoing legal battles (their stalling strategies are too obvious, and they're bundling other applications with windows XP, regardless, making it very hard for the courts to be generous about it). And now their incompetence is showing in this campaign, which, now that it became public, is worse for Microsoft, than anything Sun could do to Microsoft with the recent haggling about bundling Java with Windows XP.
Well, i don't know what's disturbing me most: Microsofts success, despite their incompetence, or their incompetence despite their success.
It's even possible, that they launch this attack not from their home account (which would be dumb anyway, ... ok they would), but from some server they have access to (maybe by having hacked it before), with a broadband connection. Just because the attacker is connected to the internet via an 56k modem doesn't mean the attack is launched via that line.
But let's not get that in the way of Microsofts denying the relevance of this attack.
Well, be assured of one thing: If Linus would try to change the license-terms of the kernel (beyond some point), even if that was legally possible (which it probably isn't considering all the contributions from people all over the world) there wuld be some ruckus. It would probably include multiple forks of the Linux-Kernel, big haggling over who's in control of kernel-development, people wandering to BSD or trying Hurd. In the essence it would make anything that Linus would draw out of that deal much less worth than what Linux (the kernel) is now. Anyway, it's highly improbable that Linus would even consider such a dumb move ...
Read the licenses carefully and rip out parts which give Stallman any possibility to influence your future. Phrases like
just invites him to screw you when it pleases him. Rip out the "any later version" part [...]
And sure enough, it wasn't part of the License itself, but of the (although suggestive) part on how to apply the license to your source code. In the License it says:
This clause seems a little strange at first, and note, that you can restrict the licensing of a library to a specific version of the LGPL (although it's not explicitly said so you can do so by specifying the LGPL-Version). I think there is a good reason for using that option though, as long as one assumes, that the LGPL and the GPL will stay the same in spirit (the [...] part in above quote): what if you merge two libraries or use part of one library with part of another, soon you'll probably find all versions of the LGPL applicable to different parts of the code. Also an upgraded Version might close some loopholes of previous ones, so if you trust the FSF to do the right thing with the LGPL it's probably a good thing to leave the option of a License upgrade open to later developers. And anyway, as long as one person or group of persons keep control of a project (in the sense of being responsible for it) it's their choice, what specific licence the actual code ships with.
I also noted, that (3) allows to elevate LGPLd code to GPLd code. Again this makes sense, in the case that you want to use LGPLd code in a GPLd project (but not vice versa, which wouldn't make sense anyway, since that would 'degrade' the GPL to the LGPL). I think these paragraphs are in there for convenience's sake and not to give RMS total control over anything GPLd. Anyway, ripping the first quoted snippet out of context and using it to picture RMS as a controlfreak is, in my opinion, bad style. RMS often enough comes through, well, overenthusiastic, to say the least. The "GNU/Linux" vs. "Linux" debate doesn't help that either, but let's be honest, Linux wouldn't be what it is today, hadn't the GNU Software and the free software idea already been in place.
I don't think this stuff can survive in open source software. If it comes in an open source package, guess how fast a fork would exist without this "feature"? And if the software it comes with isn't open source, then people would just go for OS-alternative, or even program one themselves.
Another thing is, that the typical Linux/UNIX user is less inclined to have the control over his box wrested away by the OS or some stupid application as most windows users who are used to giving up control over their computer when installing the OS.
Ok, you load a page, see an XYZ-ad, and XYZ paid for the content. And guess who pays XYZ for the advertising? Their customers, one of which might very well be you! Let's say on the average enough readers of aforementioned page prefer the advertised products over competing products, so the costs for advertising is paid by the slightly higher price (if not, why advertise at all?). So at the end of the day the readers of the page not only pay for the content, but also the advertising company by paying more for the products. And all that for obnoxious ads?
Nvidia even makes their hardware talk to DirectX. That means games programed in DirectX will probably get the most out of that graphics boards, and considering nVidias marketshare that's not a bad idea. It gets even better if other chipset manufacturers do that too. And let's be honest, even most linux-folks out there have a w98 boot option if they want to play games not available for Linux. So marketshare is even less of an argument.
The problem with all this is, that DirectX gives Microsoft yet another lever to dominate multimedia formats and applications, for example formats for animated content (let's see if flash-plugins and shockwave go the way of netscape and realplayer in the near future) and this is big: every advertiseing company wants that, guess what they'd pay for development kits, if the stuff is guaranteed to display properly in IE.
Because any script-kiddy reading that article will probably get a hard-on, hacking in there. And they probably won't give a call in advance or leave their address and office hours with the FBI. Well, if i found a security hole on their site i sure as hell wouldn't inform anyone about it, and surely not them.
I really hope their zero-tolerance-policy blows up in their face and leaves them with the shit they deserve, so they serve as a bad example. With their action they only scare law-abiding folks from reporting security-holes to them, but no crackers who stand on the wrong side of the law anyway.
If you want to avoid such troubles you have some options:
- not upgrading at all (do you really need the newest spiffiest kernel?)
- upgrade only after there was some discussion, so you'll be warned about trouble
- wait for the first patches, see if they fix the things you need
- wait for a precompiled kernel (say as rpm) for your distribution
If you want the newest Kernel from kernel.org the day it comes out you're expected to keep your old kernel so you can use that if the newest stuff don't work, and that you take a glance at the compile logs and use that option if something comes up you can't handle.
You don't need to edit "the friggin source code", it's an option. If that newest MS-Stuff breaks you're without that option, you have to roll back (if you can). Since users with the level of knowledge you hint at, are probably relying on their distribution for precompiled kernels i don't see your problem.
Hmm, being a physicist i even know how that superheated water thing works, you can heat water a little above the boiling point without it becoming steam. Only when you disturb it it will boil. Until then it's in an instable equilibrium state. The effect is even used in Bubble chambers: the disturbance by a charged particle is enough to result in a track of bubbles, thus making the particle visible (but be sure to get the timing of that photo right, or you could as well take a photo of your teapot). In chemistry we even learned to put something with an irregular surface in a testing tube before heating it, because it doesn't need a microwave for the effect, nor water. Any liquid being heated 'carefully' enough (and in a container with smooth enough surfaces e.g. glass) will do.
So i wouldn't have discounted that superheated water story anyway. But that also means, before accepting or discounting such a story one should think if one has expertise on the subject. By dismissing it all as a hoax you became the false authority. It's rather better to say "Well i don't know about that, i have to know more before making a statement", maybe followed by "but i don't believe in it". It's ok to have an opinion about the credibility of a statement, but it should be marked thus.
Yeah, wonderful, apart from the bad analogy part, let's play with this one: I have a cheap piece of junk as a plane, your's is quite expensive, also i know where your plane is because i have enough people with binoculars scattered around the world. To make things complete let's limit maneuverability a little, maybe i always know where you'll have to land next to refuel (you know, those sats have limited fuel, your choices of orbits and orbitchanges is thus rather limited.
Now comes the interesting part: Let's say i think i can get away with ramming your plane since you didn't register your course with the correct authorities (neither did i, so it'll all be christened an "accident" later), and i have a grudge against you, because of what you said about my mother.
Now just remember the political chaos that ensued after the US-Spyplane was hit before the chinese coast.
the author makes accidentally an unintended interesting point
... and all that just from mixing up IP (Intelectual Property) with IP (Internet Protocol). As a sidenote: if you outlaw IP (the Internet Protocol) you outlaw the Internet. Anything you put in place of that is not the Internet and should be called different. Don't let anyone get away with 'innovating' a 'new' Internet or somesuch, so that their restricted-net is not confused with the internet (although some organisations already work hard to pervert the basic idea of the internet, namely to have a network of freely communicating participants).
I don't know the reasoning of the EFF, but i guess, they want to go into the talks with adobe with as much options as possible. Once the protests happened it wouldn't make much sense to protest again (many people won't go twice, and the media will most likely not cover a second protest with the same intensity as the first one). So once the protests happened, repeating them is much less of a threat. Hence holding back the protests gives the EFF much more to bargain with.
I think that's a perfectly valid way of reasoning, another is, to use the protests to heighten public awareness of the case and use the publicity of the case in the bargaining ("if you don't want any more egg on your face you better act in a sensible way now"). I think the second way of reasoning is a better longterm strategy, since adobe (and others) will then think twice before pulling similar stunts.
There is another point to consider: The protests should be organized, some protesters with noone to explain to the media, what the issue is, will do no good. What's even worse, it will, as explained, reduce the impact of future protests. Hence i think the protesters should follow the EFFs decisions, since even if the decisions are bad (and it's disputable if they are), half of a protest is worse.
This document (link thankfully provided by another post) goes to great length to explain:
- That serious damage was already done, since the paper wasn't presented at the conference it was supposed to
- That the legal threats were only drawn back after the damage was done.
- That other (closely related) publications may suffer a similar fate
- That nothing prevents the RIAA from using the same tactics again
- That the legal threat was used to also prevent publication of material not covered by the DMCA
- That scientific work was already harmed by the RIAA's interpretation of the DMCA, and that it will be harmed in the future
This is reason enough to ask for a judgement here, since that is the only way to prevent threats of similar calibre, and the document states that quite clearly. It also points out, that the DMCA conflicts with the first amendment in some aspects, so asking the court for a ruling seems to be the only way to make it clear, what the scientists may publish and what not, if they don't want to risk a lawsuit.
It's very obvious to all, that what happens is, that the EFF calls the RIAA's bluff, but the EFFs lawyers used a lot of language to point out why this is necessary.
ROT13 is a well known, weak, and well known to be weak, encryption. Also it's an obvious one, seeing a text in gibberish, but all ascii, 'words', and some short words that repeat then ROT13 is a good guess. In Unix De/Encrypting is a one-liner. I remember it being used in some usenet groups (alt.jokes.* or so) to prevent people from accidentally reading a joke they might find offending. After seeing some of those Messages i could almost read it faster than press the button to decrypt it.
So i always considered ROT13 'encryption' as a low hurdle to show you made an attempt at preventing a casual reader from reading something he might find offensive. If you must use an analogy then a fence with stairs over it to keep the cattle in, but let people pass would be more like it, than a house with a weak lock. Or like putting a book on a high shelf, to prevent the young one from stumbling over it. The letter analogy is flawed anyway because anyone who wants to look at the letter must get it from your mailbox first. Again a better analogy would be to put an opened letter face down on your table to prevent someone else in the room from scanning over it. Basically you trust in that persons good judgement not to flip the letter over when you go for the loo.
If the law doesn't protect your file from unwanted readers in the first place, then ROT13-encyption sure won't do either.
The attempt at helping the teachers to read their documents was misguided. For a start a teacher should know better than installing one copy of office on multiple computers. There's a simple solution by using staroffice, but that's not the point.
My main point is: by installing office on the computers of one school the problem is only solved for that school. For other schools, still lacking versions of office, the problem has become worse: they now get even more frustrating worddocuments. Instead the teachers should turn their frustration on the originators of that damn Worddocuments and tell them to send the documents in different formats. Especially if the documents originate from some public organisation they should get the point over, that not everyone has access to word, to view, let alone edit, their documents.
The way to handle proprietary and restrictive standards is to make the originator of the content aware of the problem and make it his problem, not to go along with it as far as installing unlicensed software. But that only works if more than a hanful of people act that way. By letting themselves be forced to do Microsofts bidding (by installing the software and thus making it their own problem) the teachers only provide a bad example.
In a University? give me a break!
Sorry, but the action shout be in some proportion to the case in question, meaning:
Those were probably machines, most networked together and accessible for any student who wishes to log in and has some networkwide account (i'm assuming from other Universities). In these circumstances it's near impossible to have high security projects on those machines. All in all, in university networks availability is more important than security.
The process you describe is hence inappropriate to the case. The RC5 client doesn't even have known security holes, so the additional security risk due to the running clients is very low, regarding the environment (students that access the machines without getting some lecture about security, for one). So if you consider risk due to running an application with no known security holes high enough to make all that sanitizing necessary, most universities should probably sanitize their computers on a weekly basis.
The most sensible course of action (and what probably happened) was simply deinstalling the client on the machines and be done with it.
I don't know, how much of a 'worst case' scenario you want to make out of it, i simply think you're taking it a bit far there. Anyone could make that bill even higher by saying, that all Work done on those Computers in the past two years is to be considered compromised, all of it has to be done from scratch, and billing wor all that worktime and the costs of delayed projects (like you seemed to hint at with that accountant example in another post). Noone will do that, it's simply not realistic, but it can be used to calculate arbitrarily high damages.
Apparently once you trademarked one common term (Illustrator here) that empowers you to hassle anyone using derivatives of that term too. Now there is only a limited number of words which make sense for a certain class of application, and once all common words ('Illustrate', '...paint...', '...picture...') are used up then what?
I think it's overextending the protection trademarks provide, if they can be abused to prevent any competing product from being labeled with a name that makes half sense.
I think, Adobe will get some bad press from a certain community, so in effect the law-firms handling of the case is smearing Adobes name (they could've done with far less negative press by handling the case with a simple friendly letter, and i think the negative press outweighs $2000 for Adobe).
So if the lawyers are acting on their own, Adobe better gets a handle on this fast (Hey, its their IP the Lawyers are claiming to defend, they should have some say in the case) and does some damage control.
The only case, why adobe might really want the case handled like this is to scare away others, and scare the Maker of KIllustrator out of his wits to avoid it going to the courts (where they might loose) at all.
Maybe MS should go one step further, and go "VIRAL" itself (e.g., that anything you develop with THEIR SDK has to pass down this same restriction, so that YOUR USERS can't use "Publicly Available Software" either)! Why not go all the way?
They'd have to make it compatible with their own license then, else the license would work against itself, since the SDK Software (under a viral license) couldn't be used for development/distribution with itself (since its license prohibits its use with viral Software)
Maybe it's only hard to find in that jungle, but i didn't see a way out of the license, once you accepted it. It should be covered somewhere under 4) i think. There's an easy way out of the License for MS, at least.