No, seriously. It seems that his entire argument is directed towards changing semantics to take the emphasis off of the mathematical underpinnings of computer science. Rar.
I think he's astroturfing for the pro-patents lobby.
One of the reasons you can't patent software in the EU (and probably many other places) is that algorithms are essentially mathematical
constructs, and maths is generally regarded as unpatentable.
So maybe one of the big software houses has decided that the next time they go to court over patents, it might be useful to have
a scholarly book saying how algorithms are not in fact math based, and should therefore be patentable.
It would also explain the odd references to circuit boards - which
are another arguing point in the patent debate. If it has a physical
expression, the argument goes, then it can't be maths.
You can't do computer SCIENCE at all without the math. You might do some software engineering. Without understanding phenomena that underly the principles you're studying, there is no science.
Well said, sir. And there's nothing wrong with being a software engineer, rather than a computer scientist;
I just wish the distinction was clearer in most people's minds.
I honestly don't understand the whining.
Well, in the case of TFA, I think it's politically motivated. In a many parts of the world,
software patents are still illegal because algorithms are held to be essentially mathematical expressions,
and mathematics is excluded from patents. On the other hand, if the big software houses can orchestrate some
grassroots support for the notion that "algorithms != mathematics", then they might find the next EU debate on the
subject goes a little smoother.
I think that's all this is - a bought and paid for study, intended to smooth a path for eventual legislation.
Because just slapping their OS on a machine somewhere means nothing,
because you'll have to 'open up' features on it in order to get much
value from it.
Alas, this is true of any O/S. If you want to run it securely,
you need to understand the issues in some depth. That's why I used
the word serious. I don't think ease-of-use really enters into
the equation here.
I mean, take a quick look at the
OpenBSD
website. What's the first thing you see? "Only two remote holes in the
default install, in more than 10 years!" What would the equivalent
statement be for Microsoft? The number would be three or four orders of
magnitude higher.
Thinking about it, that is probably why you're so keen to sideline
the discussion into ease-of-use issues: there's no way you
can win this one on technical merits.
This outburst just comes from watching too many people with 'slap OpenBSD
on it' attitudes who don't seem to get it.
You seem to be sugesting that a lot of people are installing OpenBSD out
of a "ricer" mentality. Like putting racing stripes on your car, and
expecting an increase in performance. I can't say I've noticed this
personally, but I expect it does happen. The thing is that this still doesn't
make XP a better choice. Just as putting stripes on a milk float isn't going
make it go any faster, taking the stripes off a Ferrari isn't going to
slow it down any, either.
It's also worth noting that the "2 exploits in over ten years" blurb talks about the
default install, which suggests that even a naive out-of-the-box installation is
still likely to have better security than XP.
It's like I said at the outset: if you're serious about security,
you're probably running OpenBSD. You're almost certainly not running
a Microsoft OS.
I'm pretty certain his point had nothing to do with the fact that...
His point, as written, seemed to be that security-through-obscurity must
work well, because if it did not then neither Microsoft nor the motion
picture industry could have amassed so much money.
Sadly, that line of argument ignores the possibility that these industries
may have made their billions for reasons unconnected security.
In the MPAA's case they made their money long before the question
of copying DVDs ever arose. In Microsoft's case, they rose to their
current position of dominance selling a system that didn't even have
the concept of logging on - and when they did include a log-on screen,
you could bypass it by means of an arcane and little understood hack
that experts sometimes refer to as "pressing-the-escape-key"
Granted with XP (and presumably Vista) they've finally started taking
security seriously. But that doesn't mean that they owe their money to
their track record on security - they made a vast amount of it before they
had any security whatsoever. And even if it did, that still necessarily
wouldn't make security-though-obscurity an effective approach
... there are apparently scads of people out there choosing to purchase
Microsoft products based on MS's 'security record' and not mere utility
or use value.
Welcome to our parallel universe. We hope that you enjoy your stay.
the vast majority of their markets DO go out and buy lots of their
products. its why they have the billions in the bank
Oh indeed. But not I hope you'll agree on the strength of their
unblemished security record. There are a lot of reasons for buying Microsoft,
ranging from "it runs World of Warcraft" to "it came with the computer". But
frankly, if anyone is serious about security, they probably run OpenBSD.
And if you still didn't catch my point: The point is that for their target market the level of encryption DOES make a difference,
Well, that may have been the point you intended to make, but it bears
no resemblance whatsoever to what you actually wrote.
ebbomega pointed out that security through obscurity had
been known to fail in a great many cases, and you tried to rebut
him by pointing out how much money Microsoft had in the bank.
That might make sense to you (and indeed to a lot of other people
on Slashdot) but it still doesn't logically follow.
But even conceding the point...
The hardcore 'pirate' ( and i hate that term, for the record ) isn't
part of their target market in the first place.
... it's still a most egregious straw man. The original point was that
security-through-obscurity has repeatedly failed to provide
the level of security claimed the supporters of the model.
The question of whether or not CSS is cost efficient in
discouraging copying is a complete red herring.
Yea, the MPAA and Microsoft are really hurting with their billions in the bank...
Why that's right! And your point is particularly relevant because the MPAA
owe the vast majority of their millions to the unbreakable nature of the
CSS algorithm. In fact, as I'm sure we'll all agree, no one actually finds
value in a well made film, or a tuneful song; instead the reason anyone is wiling
to pay for such things is because we can sleep soundly at night knowing no-one
is going to break into our homes at night and illegally copy all our
CDs and DVDs.
In fact, I can remember many a time when I've gone into my local record shop
and just given them a tenner. "No, don't give me any music", I tell them,
this is just out of gratitude for all the fine work the industry does
with DRM.... "... no, hang on a second, that's not right...
Now I come to think of it, that didn't really happen. It's just this
surreal dream I have every now and then. A bit like the one where
I buy lots and lots of Microsoft products based on the exemplary
security record of their operating system.
Otherwise, they may find themselves in the position of being considered
shakedown artists in the same vein as the RIAA, MPAA, Jesse Jackson,
and Al Sharpton. Or, they run the risk of being accused of settling easy
to avoid a potentially damaging judgement.
There's an interesting aspect to this in regard to the RIAA.
If Microsoft can argue in court that selling vouchers redeemable for a thing
is not the same as distributing the thing itself, then that surely
opens the way for web sites to legally sell coupons for MP3s redeemable
at sites like allofmp3.com. To date, the ??AA have argued against this notion
quite vigourously, So MS could face the unlikely prospect of the RIAA
filing an amicus brief against them, if this ever comes to court.
Of course, if that happens, it opens the way for companies to sell
vouchers for XP and Vista operating systems, just so long as they're
only redeemable from places outside US jurisdiction.
But the real irony would be if, by attempting to fragment the open source
community, Microsoft instead wound up setting the IRP lobby at one another's
throats. I reckon we could sell tickets...
Another possibility is that they did detect his FTP use. It's well known that "Fortune Whatever" companies are paranoid about "industrial espionage. It's very possible that they are set up to automatically check outgoing FTP against a list of authorized targets, and they check up on those that don't match the list.
So it's purely co-incidence that they day after DigDuality gives Dan Lyons his contact details, a routine log trawl at his employers
highlights 2 ten second uploads to a blogspot IP hosting a site blog they clearly had not looked at, but which they nevertheless felt secure in mis-characterising as a political site which abused the company name?
I suppose it might be possible. It just doesn't strike me as likely.
I think I'd choose functionality over security, if it was some function I like.
Which is perfectly fair enough. If you design a house with lots of
windows (not the O/S for once) then each window is potentially a point
of entry. You can use toughened glass, non-opening windows, but it still
won't be as secure as an unterrupted wall would have been. So you would
be compromising security for features - in this case natural light.
The problem only starts if you then claim that the security of your
design is in no way compromised by the windows. Or that it's unfair to
compare it against the security of houses with no windows, since those
houses have no natural light.
I don't think it has to be. Let's consider a hypothetical case: suppose
you had an chemical plant that for years spewed toxic effluent into the
river, and which got a deservedly bad name for this. Then, let's suppose,
the cleaned up their act and stopped dumping toxins, maybe compensate the
people living locally.
At this point, the company still have a bad image, even though they
are now good neighbours, so it's a legitimate tactic to get a PR crew in
to address the image problems. You've seen the sort of thing:
take some film crews around the plant, make some commercials with lots of pictures of sunlight,
ripe wheat, green trees and healthy babies.
On the other hand, they could do pretty much the same thing if
they haven't got rid of the toxic effluent, or if they
solved the problem by venting it as vapour through the air conditioning
system at the nearest school.
The trouble is that companies seem to have figured out that they
get about the same effect whether they fix the problem or not.
So why spend money fixing the problem if the PR is all that's needed?
So, yeah, PR is pretty much the same thing as lies. It needn't be,
and it shouldn't be -- but on the whole, that's the way to bet.
Suddenly, I have this overwhelming urge to upload 500 megs of encrypted
white noise, and just leave it there. Maybe pick a mildly suspicious name
for the file.
I mean, if they play fair, no problem. Of course, if they get curious they could expend a lot of resources trying to find the plaintext in that package:)
Still, so long as everyone didn't start doing it, there'd probably be no problem...
hmmm... a while back there was speculation that Microsoft had despaired
of ever having its press releases taken seriously, and instead had
started to release company PR disguised as "leaks" about which it would
then pretend to get vary annoyed.
By doing so, instead of everyone going "ho-hum - more PR from Redmond"
they'd take the leaked document very seriously. Then someone would pipe
up with, "you know, if you think about it, Microsoft really don't sound
too that bad in this", and everyone would take that seriously too. Because,
you know, if it wasn't true, why would they be so angry?
So I suppose it's possible that Microsoft employees aren't the intended
audience here...
Too bad for you that you don't like the hard cutting facts of legal realities.
What do you mean by "legal realities" in that sentence, I wonder.
If you think I'm ignoring a point of law, feel free to point it out,
but so far it's been your claims about the GPL that don't match with
reality.
Yes, public domain is better; I already stated that.
You did. And I asked you to clarify what you meant by that.
Better for whom? Better for what purpose?
Better by what criteria? Perhaps this time, I'll get
an answer.
Calling the "community" who buy into the GPL communistic isn't an ad
hominem attack, it's simply stating that there are many characteristics
of the notion of a commune and the GPL cult-ure - with emphasis on cult.
I disagree: "communist" is a very loaded term, especially in the US.
"Cult" is needlessly pejorative. You're simply loading description of
the GPL with negative associations to try and make your point seem better -
textbook ad hominem.
For example, if you wish to use a GPL'd software as the basis for
another piece of software or as a major component you MUST share it with
the group;
Overly broad. If you take a GPL licenced library and link it into your
code then yes, you cannot legally distribute that software unless you
licence it also under the GPL. That doesn't apply if you keep the software for
your personal use however, and it doesn't apply for libraries licenced
under the LGPL, which was created to address this very problem.
On the other hand, taking the software as a "basis" could refer to a lot of
other scenarios where the GPL would have no effect at all. I could use Bash as
the basis for an application framework, and I could keep my scripts as closed
as I liked. The GPL specifically allows for that, too. So for most scenarios,
you're way off the mark.
Yes, you can choose to not enter into this arrangement but
Not so fast with the "but". You can choose not to enter into the
agreement. No one is putting a gun to your head and forcing you
to modify or distribute GPL software. Your freedoms are not infringed;
but if you want to use it, you have to abide by the licence.
If you don't like that - hard lines. The licence was chosen by the people
who did the work. They get to decide what the licence should be. You can't
come along after the fact and tell what terms and conditions they can impose.
If you don't think that's fair, go and tell Microsoft they have to release
the code to MS Office under a BSD licence. If you really think you have
the right to tell people what licences they can and cannot use, then you
might as well start at the top. While you're at it, see about getting Apple
to re-licence OS/X back as BSD while you're at it. Once you've got them
to agree, getting the GPL dismantled should be a doddle.
Yes, you can choose to not enter into this arrangement but once you do
you're committed irrevocably with any software you release under GPL
No. No, you're not. If you choose a GPL licence for your project, you
retain the copyright, and you can close future releases at any time
you choose. If you use a GPL library, you can release a version that
uses non GPL libraries and close that. And if you start a new project,
you can choose any licence you like. Let's try and keep a sense of
perspective here.
The problem that I and other have with the GPL is that it does it's
"sharing" and it's "freedom" by restricting the rights of the softwares
authors to favor others.
And the problem I have with your problem is that when you talk about
"authors" the guys who wrote the software originally don't appear to
get a vote. The original author is the one who gets to choose the
licence. But you'r
Your analysis is correct and what the American Electronics Association says should be rejected, but they did not intend to be honest.
Oh, I agree. I just found the unintentional admission amusing. I also think there's a wider issue here, a meta-issue meme
that could use wider propagation. I just wish I could formulate the idea a little more clearly.
It is dangerous enough to create a unique identifier for each type of article for inventory.
mmm.. certainly, stock control is a valid application for the technology.
But I agree that the
potential for abuse is terrific, and I'm in favour of laws to limit abuses
like requiring implants.
I know you're just trolling, but I'm nevertheless going to point out
that the GPL doesn't make any requirements of the user at all.
How dare you accuse me of trolling;
Well... I guess it was the mix
of belligerence and hyperbole coupled with factual inaccuracies
and what seemed at the time to be deliberate reliance on logical fallacies
to make you point. I do apologies if I misjudged your intentions, but
you certainly sounded like you were trolling.
that's just an ad hominem attack by you since you can't come up with
better arguments.
And you know, if the single line you quoted had been the entirety of my
post, I'd have to concede you had a point. Still, let's talk about the
GPL.
Even reading the software binds you.
No. No it does not. Look, the GPL lives here. Go have a read
of it.
Among other things, you'll notice that the licence states outright that
it only applies to copying, distribution and modification. In particular,
it disclaims all restrictions on running the program. Reading is mentioned
nowhere in the licence, but since reading is neither modification nor
distribution we can safely conclude that reading is outside the scope of
the licence also. Here's the text in question:
Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted
The BSD way of doing things is just as successful
By what criteria? The GPL is, I believe, the most widely used Free Software
licence. It attracts more developers, and has more software. I'm not knocking
BSD, but if you want me to accept it as being equally successful, I think
you're going to need to say how you define success.
The GPLs draconian restrictions also come along with a cult similar
to communism.
Speaking of ad hominem attacks, that sounds rather like one to me. Maybe you need some better arguments:)
I don't know about "analogue value". How about you define that term.
Analogue as opposed to binary. Not a metaphor, it's a term from engineering
with a precise value.
A binary value is either true or false;
on or off; an analogue one can be have man values in between.
It's a sliding scale; a continuum. It's about third from the top
if you ask Google for
definitions
Now if you insist on Freedom being a binary value, then a single restriction
is enough to demonstrate the non-freeness of the licence. This is, correct me
if I'm wrong, your argument from your earlier post.
Of course, by the same logic a single permission would be enough
to demonstrate the unrestricted nature of the licence. Since the
GPL both grants permission and imposes restrictions that would be a
contradticon. From this we can infer that your logic here is incorrect.
Incidentally, since we're quoting logical fallacies at one another,
I think you'll find that one is called denying the
antecedent
GPL'd software comes with so many contractual terms that they bind the users into a knot of inability to make use of the software beyond any reason.
I know you're just trolling, but I'm nevertheless going to point out that
the GPL doesn't make any requirements of the user at all.
It does place some conditions on the distribution of the software,
but that's a different case from simply making use of the software. The distinction
is important.
True free software is public domain which has zero restrictions.
Hmm... I expect you, like most of us, live in a country where the government
places restrictions on activities such as theft and murder.
If freedom is not freedom except in the complete
absence of restriction, those laws would make you a slave.
Alternatively, perhaps you might concede that freedom is most usefully
considered as an analogue value. Thus you may enjoy a great many
freedoms while still being restrained from certain anti-social acts.
Similarly, the GPL grants its users a great many freedoms that would not
be theirs under copyright law, and more again than those granted by many
industry EULA which tend to impose additional conditions upon any use of the software.
Linux is caged by the GPL and is just as useless as Microsoft or any
other commercial software.
Useless to whom? Useless for what purpose? I've found it very useful for
wide range of tasks. So it seems have many others.
Roxanne Gould, Spokesweasel for the American Electronics Association says 'Our bottom line is we're opposed to anything that demonizes RFIDs'
Actually, I found that part of it refreshingly honest. What she's saying is tantamount to something like this:
We don't care a hoot about the moral or ethical aspects. We don't even care if RFID are a good idea in any context, neither do we care if they happen to be an astonishingly one. All we care about is that industry buys more RFID chips, and that's what we will say
in any and every debate.
The nice thing about that is that it means their opinion on any subject can be dismissed out of hand. It's like a binary signal that's always set to one; it carries no data. We already know what they're going to say, whatever the question ("RFID tags are GOOD!") and we know why ("because it make us MONEY!").
It's just rare to see one of these industry pressure groups quite so willing to disqualify themselves from the debate.
Seems an odd bit to focus on, rather than the continued openness of the source code
They mentioned the requirement that the program remain "open". They just didn't go into detail about
precisely what "open" means in this context, or how that openness is maintained. Considering the scope of the article,
I'd say that was about right.
I don't think anything in the license would give developers any reason not to fear legal repercussions
if they might to begin with.
How true. I mean if you've been caught on CC-TV robbing a series of liquor stores at gunpoint,
GPL compliance probably isn't going to be much help when you find yourself in court.
On the other hand, if you're merely reluctant to distribute a specific application Linux
live CD or virtual appliance, then I can imagine this being considerable reassurance to a
newcomer to open software.
You have to consider that most people when they think "software licence" think "Microsoft EULA"; it's
possible that a lot of those folks think that any redistribution of software carries
legal penalties. Explaining that this isn't the case with the GPL might be the missing datum
some people need in order to understand what makes free software different.
How about having your monitor OS being replaced with one with a backdoor built into it which detects whenever signals are being sent to a virtual nic and copies the data to another ip address on another nic?
Well certainly, a hypervisor rootkit is potentially a Very Bad Thing. Still, I do wonder if you've thought that scenario
all the way through.
I mean, hypervisor subversion might be an issue for Xen, but wouldn't necessarily affect VMWare, for instance.
Which is, I hope you will agree, the most likely scenario for inexperienced virtualisers. Download VMWare server,
generate an empty VM, stick the Vista CD in an boot. That should be safe as houses.
Not something MS wants to be supporting for a host of naive users
And that's another thing. If your naive user isn't using VMWare, if they have the know how to do something
like set up Xen with (say) a RedHat Dom0, and then get vista to install and run as a DomU, then I find myself wondering about your use of the word "naive". Maybe it don' mean what you think it means....
Then of course, we should consider that you don't need to be running under virtualisation to have waht you describe happen. The best known hypervisor rootkit would seem to be Blue Pill, which works by exploiting hardware virtualisation support in newer CPUs.
So not vitualising doesn't help in the case you describe,
and the people you claim the measure is designed to protect don't seem terribly vulnerable.
So I don't think this is Microsoft's true motivation.
And personally, if I was concerned about having my monitor OS subverted, I wouldn't choose a Microsoft OS for the role in
any case. But maybe that's just me.
Vista sales are slow not because it is "bad", but because XP is well and truly "good enough".
Hence, the take-up rate of Vista is basically that of new/replacement PC sales.
Of course, if sales are slow that doesn't mean that Vista is "good", either, All it means is
that it is "not selling". (Try this at home, kids! Put "quotes" where they're not "needed").
I don't think even the craziest of sales droids believe that a meaningful (hell, even statistically valid) portion of their userbase is holding back because of perceived problems with virtualising certain versions of Vista.
Which is fair enough, except that someone at Microsoft was prepared
to change the EULA. A decision that was then reversed in favour of an
advertising campaign. Like I say, I think someone is getting desperate.
I don't think it's a sales droid either. The pressure is going to descend
on a subset of those managers responsible for Vista design and development.
The ones that inhabit The Scapegoat Zone.
Right. Because it's obviously that miniscule proportion of people who a) want to virtualise and b) won't just ignore the EULA that is responsible for the "lack of popularity".
Which, (assuming sarcasm on your part), wouldn't rule out the virtualisation restrictions being a contributory factory in to poor vista sales. I think we can take the poor sales as a given - if vista was flying off the shelves, MS wouldn't trouble with a "fact rich" campaign to persuade potential customers to "proceed with confidence". Whether or not sales is the same thing as popularity is another question, although Microsoft fans don't usually have a problem with the notion when contrasting Windows against Linux.
But let's not get sidetracked. Even if virtualisation isn't causing Vista's
sales problems, it could still be seen as doing so, internally.
For that matter, if MS were going to relent a little on the more
controversial features of Vista, they're more likely to give ground over
virtualisation than they are to back pedal over DRM, for example. And
there's probably nothing they can do at this late stage about the hardware
issues. So if they were inclined to throw the potential buyer a bone,
it would pretty much have to be over virtualisation.
Maybe that's what happened here. One faction was all set to change the EULA
in the (perhaps slightly desperate) hope of kick-starting a wave of Vista
adoption. Then someone else comes along and says "it's OK - we'll fix it in
advertising" and the change got withdrawn. In some ways, this seems the
simplest explanation.
And if advertising fails to fix the sales problem,
we may yet see the licence restriction withdrawn.
So really, I don't think the size of the virtualisation market much
matters when it comes to forcing MS' hand in this case. Because I think
the pressure is coming from within. I think MS are well aware that
it isn't going to address most potential buyers concerns, but I don't
think that matters. Ten years and billions of dollars have been spent,
and careers will be on the line over this. I think some folks at MS are
starting to clutch at straws. Virtualisation must look very tempting
to them.
You don't like these facilities then you make that known. You bring it
out. You let others know what is happening. You spread the word. Then
you find an alternative or refuse to upgrade to much more offensive
spying system (such as that in Vista, vs what's in XP.)
I entirely agree. The point I was trying to make as that even if (as claimed)
95% of the complaining slashdotters haven't tried Visa, that still doesn't
invalidate their reasons for not trying the O/S. I'm a die hard penguin head
these days, but ever if I were not, the DRM provisions would make me most
reluctant to upgrade.
This should not deter us from staying in the community and discussing
the threats by Microsoft of IP violations and royalty payments and
law suits. Hopefully this is not just an attempt by them to change the
subject. Get you arguing over a lesser problem and push ahead with the
more egregious issue.
This is about the only point where I disagre with you. Firstly, I have
difficulty with the idea that MS spent 10 years and billions of dollars
on a deliberately bad flagship O/S release. I suppose they could
have done - there's always an element of doubt in such questions. On the whole
though I think I prefer to apply
Hanlon's Razor
and attribute Vista's
shortcomings to a sort of corporate stupidity rather than some grand master
plan.
But more importantly, I don't think it's an either/or proposition.
We can point out the shortcomings of Vista and denounce Microsoft's
attempts at an IPR land grab both.
But apart from that - good points and well made. Thank you.
I'd guess 95% of people on here moaning about vista have never used it.
Well, I think your percentage is too high, but you've undoubtedly got a point.
I mean in addtion to those who are moaning after having tried it,
you have those who are complaining about not being able to purchase a
Microsoft operating system unencumbered with DRM; those who are concerned
that changing operating system will cost them much more than price of the OS,
in hardware and software upgrades; and of course those who are sick of
Microsoft moaning on about people not paying for Vista when they don't see
anything wrong with the operating system they have at the moment.
I don't think any of those viewpoints are unreasonable, personally.
Admittedly, you also get people like me. I haven't tried Vista because I
use Linux, and because MS burned me one time too often for me to
willingly use their software - especially this early into a product
lifecycle. Then again, I'm not moaning so much as laughing at
Microsoft, so that's probably OK too.
The people bitching about vista here are the same ones who bitched about
XP, and before that, windows 2000.
Some of them are. But I'm seeing a lot of people here saying, in effect,
"I've tried it and it sucks! I want to stick with XP!"
Unless of course you want to invoke
The PJ Principle
and claim they're all lawyers employed by IBM or something...
The WSJ reports: 'Incompatible technology has become an increasing problem for businesses
if so, why don't we seen businesses demanding open standards used when they make the buying decisions ? is this uninformed people being in charge or what ?
Until now, there hasn't been the need. When IT equipment was bulky and or expensive, firms could just make sure all
their infrastructure used the same supplier. Then as handhelds started to arise, everything had to be compatible with
Windows, since everyone wanted to be able to sync against Outlook.
Now though... if enough people buy iPhones, and then say "so why doesn't our email work with the iPhone?" that's going to put a lot of pressure on firms. Offhand I can't think of anything with popularity
of Apple's iLife range where the vendor has been brave enough to rely on open standards.
So, from the management point of view, I think this is a New Thing.
Slashdot Mirror
I think he's astroturfing for the pro-patents lobby.
One of the reasons you can't patent software in the EU (and probably many other places) is that algorithms are essentially mathematical constructs, and maths is generally regarded as unpatentable.
So maybe one of the big software houses has decided that the next time they go to court over patents, it might be useful to have a scholarly book saying how algorithms are not in fact math based, and should therefore be patentable.
It would also explain the odd references to circuit boards - which are another arguing point in the patent debate. If it has a physical expression, the argument goes, then it can't be maths.
Well said, sir. And there's nothing wrong with being a software engineer, rather than a computer scientist; I just wish the distinction was clearer in most people's minds.
Well, in the case of TFA, I think it's politically motivated. In a many parts of the world, software patents are still illegal because algorithms are held to be essentially mathematical expressions, and mathematics is excluded from patents. On the other hand, if the big software houses can orchestrate some grassroots support for the notion that "algorithms != mathematics", then they might find the next EU debate on the subject goes a little smoother.
I think that's all this is - a bought and paid for study, intended to smooth a path for eventual legislation.
Alas, this is true of any O/S. If you want to run it securely, you need to understand the issues in some depth. That's why I used the word serious. I don't think ease-of-use really enters into the equation here.
I mean, take a quick look at the OpenBSD website. What's the first thing you see? "Only two remote holes in the default install, in more than 10 years!" What would the equivalent statement be for Microsoft? The number would be three or four orders of magnitude higher.
Thinking about it, that is probably why you're so keen to sideline the discussion into ease-of-use issues: there's no way you can win this one on technical merits.
You seem to be sugesting that a lot of people are installing OpenBSD out of a "ricer" mentality. Like putting racing stripes on your car, and expecting an increase in performance. I can't say I've noticed this personally, but I expect it does happen. The thing is that this still doesn't make XP a better choice. Just as putting stripes on a milk float isn't going make it go any faster, taking the stripes off a Ferrari isn't going to slow it down any, either.
It's also worth noting that the "2 exploits in over ten years" blurb talks about the default install, which suggests that even a naive out-of-the-box installation is still likely to have better security than XP.
It's like I said at the outset: if you're serious about security, you're probably running OpenBSD. You're almost certainly not running a Microsoft OS.
His point, as written, seemed to be that security-through-obscurity must work well, because if it did not then neither Microsoft nor the motion picture industry could have amassed so much money. Sadly, that line of argument ignores the possibility that these industries may have made their billions for reasons unconnected security.
In the MPAA's case they made their money long before the question of copying DVDs ever arose. In Microsoft's case, they rose to their current position of dominance selling a system that didn't even have the concept of logging on - and when they did include a log-on screen, you could bypass it by means of an arcane and little understood hack that experts sometimes refer to as "pressing-the-escape-key"
Granted with XP (and presumably Vista) they've finally started taking security seriously. But that doesn't mean that they owe their money to their track record on security - they made a vast amount of it before they had any security whatsoever. And even if it did, that still necessarily wouldn't make security-though-obscurity an effective approach
Welcome to our parallel universe. We hope that you enjoy your stay.
Oh indeed. But not I hope you'll agree on the strength of their unblemished security record. There are a lot of reasons for buying Microsoft, ranging from "it runs World of Warcraft" to "it came with the computer". But frankly, if anyone is serious about security, they probably run OpenBSD.
Well, that may have been the point you intended to make, but it bears no resemblance whatsoever to what you actually wrote. ebbomega pointed out that security through obscurity had been known to fail in a great many cases, and you tried to rebut him by pointing out how much money Microsoft had in the bank. That might make sense to you (and indeed to a lot of other people on Slashdot) but it still doesn't logically follow.
But even conceding the point...
Why that's right! And your point is particularly relevant because the MPAA owe the vast majority of their millions to the unbreakable nature of the CSS algorithm. In fact, as I'm sure we'll all agree, no one actually finds value in a well made film, or a tuneful song; instead the reason anyone is wiling to pay for such things is because we can sleep soundly at night knowing no-one is going to break into our homes at night and illegally copy all our CDs and DVDs.
In fact, I can remember many a time when I've gone into my local record shop and just given them a tenner. "No, don't give me any music", I tell them, this is just out of gratitude for all the fine work the industry does with DRM .... " ... no, hang on a second, that's not right...
Now I come to think of it, that didn't really happen. It's just this surreal dream I have every now and then. A bit like the one where I buy lots and lots of Microsoft products based on the exemplary security record of their operating system.
Anyway, sorry. What was your point again?
There's an interesting aspect to this in regard to the RIAA.
If Microsoft can argue in court that selling vouchers redeemable for a thing is not the same as distributing the thing itself, then that surely opens the way for web sites to legally sell coupons for MP3s redeemable at sites like allofmp3.com. To date, the ??AA have argued against this notion quite vigourously, So MS could face the unlikely prospect of the RIAA filing an amicus brief against them, if this ever comes to court.
Of course, if that happens, it opens the way for companies to sell vouchers for XP and Vista operating systems, just so long as they're only redeemable from places outside US jurisdiction.
But the real irony would be if, by attempting to fragment the open source community, Microsoft instead wound up setting the IRP lobby at one another's throats. I reckon we could sell tickets...
#include /* IANAL, etc... */
So it's purely co-incidence that they day after DigDuality gives Dan Lyons his contact details, a routine log trawl at his employers highlights 2 ten second uploads to a blogspot IP hosting a site blog they clearly had not looked at, but which they nevertheless felt secure in mis-characterising as a political site which abused the company name?
I suppose it might be possible. It just doesn't strike me as likely.Which is perfectly fair enough. If you design a house with lots of windows (not the O/S for once) then each window is potentially a point of entry. You can use toughened glass, non-opening windows, but it still won't be as secure as an unterrupted wall would have been. So you would be compromising security for features - in this case natural light.
The problem only starts if you then claim that the security of your design is in no way compromised by the windows. Or that it's unfair to compare it against the security of houses with no windows, since those houses have no natural light.
I don't think it has to be. Let's consider a hypothetical case: suppose you had an chemical plant that for years spewed toxic effluent into the river, and which got a deservedly bad name for this. Then, let's suppose, the cleaned up their act and stopped dumping toxins, maybe compensate the people living locally.
At this point, the company still have a bad image, even though they are now good neighbours, so it's a legitimate tactic to get a PR crew in to address the image problems. You've seen the sort of thing: take some film crews around the plant, make some commercials with lots of pictures of sunlight, ripe wheat, green trees and healthy babies.
On the other hand, they could do pretty much the same thing if they haven't got rid of the toxic effluent, or if they solved the problem by venting it as vapour through the air conditioning system at the nearest school.
The trouble is that companies seem to have figured out that they get about the same effect whether they fix the problem or not. So why spend money fixing the problem if the PR is all that's needed?
So, yeah, PR is pretty much the same thing as lies. It needn't be, and it shouldn't be -- but on the whole, that's the way to bet.
Suddenly, I have this overwhelming urge to upload 500 megs of encrypted white noise, and just leave it there. Maybe pick a mildly suspicious name for the file.
I mean, if they play fair, no problem. Of course, if they get curious they could expend a lot of resources trying to find the plaintext in that package :)
Still, so long as everyone didn't start doing it, there'd probably be no problem...
hmmm... a while back there was speculation that Microsoft had despaired of ever having its press releases taken seriously, and instead had started to release company PR disguised as "leaks" about which it would then pretend to get vary annoyed.
By doing so, instead of everyone going "ho-hum - more PR from Redmond" they'd take the leaked document very seriously. Then someone would pipe up with, "you know, if you think about it, Microsoft really don't sound too that bad in this", and everyone would take that seriously too. Because, you know, if it wasn't true, why would they be so angry?
So I suppose it's possible that Microsoft employees aren't the intended audience here...
What do you mean by "legal realities" in that sentence, I wonder. If you think I'm ignoring a point of law, feel free to point it out, but so far it's been your claims about the GPL that don't match with reality.
You did. And I asked you to clarify what you meant by that. Better for whom? Better for what purpose? Better by what criteria? Perhaps this time, I'll get an answer.
I disagree: "communist" is a very loaded term, especially in the US. "Cult" is needlessly pejorative. You're simply loading description of the GPL with negative associations to try and make your point seem better - textbook ad hominem.
Overly broad. If you take a GPL licenced library and link it into your code then yes, you cannot legally distribute that software unless you licence it also under the GPL. That doesn't apply if you keep the software for your personal use however, and it doesn't apply for libraries licenced under the LGPL, which was created to address this very problem.
On the other hand, taking the software as a "basis" could refer to a lot of other scenarios where the GPL would have no effect at all. I could use Bash as the basis for an application framework, and I could keep my scripts as closed as I liked. The GPL specifically allows for that, too. So for most scenarios, you're way off the mark.
Not so fast with the "but". You can choose not to enter into the agreement. No one is putting a gun to your head and forcing you to modify or distribute GPL software. Your freedoms are not infringed; but if you want to use it, you have to abide by the licence.
If you don't like that - hard lines. The licence was chosen by the people who did the work. They get to decide what the licence should be. You can't come along after the fact and tell what terms and conditions they can impose.
If you don't think that's fair, go and tell Microsoft they have to release the code to MS Office under a BSD licence. If you really think you have the right to tell people what licences they can and cannot use, then you might as well start at the top. While you're at it, see about getting Apple to re-licence OS/X back as BSD while you're at it. Once you've got them to agree, getting the GPL dismantled should be a doddle.
No. No, you're not. If you choose a GPL licence for your project, you retain the copyright, and you can close future releases at any time you choose. If you use a GPL library, you can release a version that uses non GPL libraries and close that. And if you start a new project, you can choose any licence you like. Let's try and keep a sense of perspective here.
And the problem I have with your problem is that when you talk about "authors" the guys who wrote the software originally don't appear to get a vote. The original author is the one who gets to choose the licence. But you'r
Oh, I agree. I just found the unintentional admission amusing. I also think there's a wider issue here, a meta-issue meme that could use wider propagation. I just wish I could formulate the idea a little more clearly.
mmm.. certainly, stock control is a valid application for the technology. But I agree that the potential for abuse is terrific, and I'm in favour of laws to limit abuses like requiring implants.
Well... I guess it was the mix of belligerence and hyperbole coupled with factual inaccuracies and what seemed at the time to be deliberate reliance on logical fallacies to make you point. I do apologies if I misjudged your intentions, but you certainly sounded like you were trolling.
And you know, if the single line you quoted had been the entirety of my post, I'd have to concede you had a point. Still, let's talk about the GPL.
No. No it does not. Look, the GPL lives here. Go have a read of it.
Among other things, you'll notice that the licence states outright that it only applies to copying, distribution and modification. In particular, it disclaims all restrictions on running the program. Reading is mentioned nowhere in the licence, but since reading is neither modification nor distribution we can safely conclude that reading is outside the scope of the licence also. Here's the text in question:
By what criteria? The GPL is, I believe, the most widely used Free Software licence. It attracts more developers, and has more software. I'm not knocking BSD, but if you want me to accept it as being equally successful, I think you're going to need to say how you define success.
Speaking of ad hominem attacks, that sounds rather like one to me. Maybe you need some better arguments :)
Analogue as opposed to binary. Not a metaphor, it's a term from engineering with a precise value. A binary value is either true or false; on or off; an analogue one can be have man values in between. It's a sliding scale; a continuum. It's about third from the top if you ask Google for definitions
Now if you insist on Freedom being a binary value, then a single restriction is enough to demonstrate the non-freeness of the licence. This is, correct me if I'm wrong, your argument from your earlier post.
Of course, by the same logic a single permission would be enough to demonstrate the unrestricted nature of the licence. Since the GPL both grants permission and imposes restrictions that would be a contradticon. From this we can infer that your logic here is incorrect.
Incidentally, since we're quoting logical fallacies at one another, I think you'll find that one is called denying the antecedent
I know you're just trolling, but I'm nevertheless going to point out that the GPL doesn't make any requirements of the user at all.
It does place some conditions on the distribution of the software, but that's a different case from simply making use of the software. The distinction is important.
Hmm... I expect you, like most of us, live in a country where the government places restrictions on activities such as theft and murder. If freedom is not freedom except in the complete absence of restriction, those laws would make you a slave.
Alternatively, perhaps you might concede that freedom is most usefully considered as an analogue value. Thus you may enjoy a great many freedoms while still being restrained from certain anti-social acts.
Similarly, the GPL grants its users a great many freedoms that would not be theirs under copyright law, and more again than those granted by many industry EULA which tend to impose additional conditions upon any use of the software.
Useless to whom? Useless for what purpose? I've found it very useful for wide range of tasks. So it seems have many others.
Die Laughing, is more like it.
Actually, I found that part of it refreshingly honest. What she's saying is tantamount to something like this:
The nice thing about that is that it means their opinion on any subject can be dismissed out of hand. It's like a binary signal that's always set to one; it carries no data. We already know what they're going to say, whatever the question ("RFID tags are GOOD!") and we know why ("because it make us MONEY!").
It's just rare to see one of these industry pressure groups quite so willing to disqualify themselves from the debate.
They mentioned the requirement that the program remain "open". They just didn't go into detail about precisely what "open" means in this context, or how that openness is maintained. Considering the scope of the article, I'd say that was about right.
How true. I mean if you've been caught on CC-TV robbing a series of liquor stores at gunpoint, GPL compliance probably isn't going to be much help when you find yourself in court. On the other hand, if you're merely reluctant to distribute a specific application Linux live CD or virtual appliance, then I can imagine this being considerable reassurance to a newcomer to open software.
You have to consider that most people when they think "software licence" think "Microsoft EULA"; it's possible that a lot of those folks think that any redistribution of software carries legal penalties. Explaining that this isn't the case with the GPL might be the missing datum some people need in order to understand what makes free software different.
Well certainly, a hypervisor rootkit is potentially a Very Bad Thing. Still, I do wonder if you've thought that scenario all the way through.
I mean, hypervisor subversion might be an issue for Xen, but wouldn't necessarily affect VMWare, for instance. Which is, I hope you will agree, the most likely scenario for inexperienced virtualisers. Download VMWare server, generate an empty VM, stick the Vista CD in an boot. That should be safe as houses.
And that's another thing. If your naive user isn't using VMWare, if they have the know how to do something like set up Xen with (say) a RedHat Dom0, and then get vista to install and run as a DomU, then I find myself wondering about your use of the word "naive". Maybe it don' mean what you think it means....
Then of course, we should consider that you don't need to be running under virtualisation to have waht you describe happen. The best known hypervisor rootkit would seem to be Blue Pill, which works by exploiting hardware virtualisation support in newer CPUs.
So not vitualising doesn't help in the case you describe, and the people you claim the measure is designed to protect don't seem terribly vulnerable. So I don't think this is Microsoft's true motivation.
And personally, if I was concerned about having my monitor OS subverted, I wouldn't choose a Microsoft OS for the role in any case. But maybe that's just me.
Of course, if sales are slow that doesn't mean that Vista is "good", either, All it means is that it is "not selling". (Try this at home, kids! Put "quotes" where they're not "needed").
Which is fair enough, except that someone at Microsoft was prepared to change the EULA. A decision that was then reversed in favour of an advertising campaign. Like I say, I think someone is getting desperate.
I don't think it's a sales droid either. The pressure is going to descend on a subset of those managers responsible for Vista design and development. The ones that inhabit The Scapegoat Zone.
Either way, it's interesting.
Which, (assuming sarcasm on your part), wouldn't rule out the virtualisation restrictions being a contributory factory in to poor vista sales. I think we can take the poor sales as a given - if vista was flying off the shelves, MS wouldn't trouble with a "fact rich" campaign to persuade potential customers to "proceed with confidence". Whether or not sales is the same thing as popularity is another question, although Microsoft fans don't usually have a problem with the notion when contrasting Windows against Linux.
But let's not get sidetracked. Even if virtualisation isn't causing Vista's sales problems, it could still be seen as doing so, internally. For that matter, if MS were going to relent a little on the more controversial features of Vista, they're more likely to give ground over virtualisation than they are to back pedal over DRM, for example. And there's probably nothing they can do at this late stage about the hardware issues. So if they were inclined to throw the potential buyer a bone, it would pretty much have to be over virtualisation.
Maybe that's what happened here. One faction was all set to change the EULA in the (perhaps slightly desperate) hope of kick-starting a wave of Vista adoption. Then someone else comes along and says "it's OK - we'll fix it in advertising" and the change got withdrawn. In some ways, this seems the simplest explanation.
And if advertising fails to fix the sales problem, we may yet see the licence restriction withdrawn.
So really, I don't think the size of the virtualisation market much matters when it comes to forcing MS' hand in this case. Because I think the pressure is coming from within. I think MS are well aware that it isn't going to address most potential buyers concerns, but I don't think that matters. Ten years and billions of dollars have been spent, and careers will be on the line over this. I think some folks at MS are starting to clutch at straws. Virtualisation must look very tempting to them.
How true. I virtualise and I got stuck in a traffic jam on my way into work for three hours!
The trouble is, I have a suspicion that it might have happened even if I didn't virtualise. So maybe it isn't related.
Did you have any concrete examples of Bad Things that can happen as a direct result of virtualisation?
I entirely agree. The point I was trying to make as that even if (as claimed) 95% of the complaining slashdotters haven't tried Visa, that still doesn't invalidate their reasons for not trying the O/S. I'm a die hard penguin head these days, but ever if I were not, the DRM provisions would make me most reluctant to upgrade.
This is about the only point where I disagre with you. Firstly, I have difficulty with the idea that MS spent 10 years and billions of dollars on a deliberately bad flagship O/S release. I suppose they could have done - there's always an element of doubt in such questions. On the whole though I think I prefer to apply Hanlon's Razor and attribute Vista's shortcomings to a sort of corporate stupidity rather than some grand master plan.
But more importantly, I don't think it's an either/or proposition. We can point out the shortcomings of Vista and denounce Microsoft's attempts at an IPR land grab both.
But apart from that - good points and well made. Thank you.
Well, I think your percentage is too high, but you've undoubtedly got a point. I mean in addtion to those who are moaning after having tried it, you have those who are complaining about not being able to purchase a Microsoft operating system unencumbered with DRM; those who are concerned that changing operating system will cost them much more than price of the OS, in hardware and software upgrades; and of course those who are sick of Microsoft moaning on about people not paying for Vista when they don't see anything wrong with the operating system they have at the moment.
I don't think any of those viewpoints are unreasonable, personally.
Admittedly, you also get people like me. I haven't tried Vista because I use Linux, and because MS burned me one time too often for me to willingly use their software - especially this early into a product lifecycle. Then again, I'm not moaning so much as laughing at Microsoft, so that's probably OK too.
Some of them are. But I'm seeing a lot of people here saying, in effect, "I've tried it and it sucks! I want to stick with XP!" Unless of course you want to invoke The PJ Principle and claim they're all lawyers employed by IBM or something...
Until now, there hasn't been the need. When IT equipment was bulky and or expensive, firms could just make sure all their infrastructure used the same supplier. Then as handhelds started to arise, everything had to be compatible with Windows, since everyone wanted to be able to sync against Outlook.
Now though... if enough people buy iPhones, and then say "so why doesn't our email work with the iPhone?" that's going to put a lot of pressure on firms. Offhand I can't think of anything with popularity of Apple's iLife range where the vendor has been brave enough to rely on open standards.
So, from the management point of view, I think this is a New Thing.