Have you ever READ the GPL? Section 3b. Offering the source from the same place is ONE of the ways to comply. He can also offer to provide a complete machine-readable copy of the source code, or pass along the offer he got when downloading (provided he's not doing it commercially).
"Any license that you may believe you acquired with the Software is void, revoked and terminated."
Void? Perhaps. Revoked and Terminated? You can't revoke or terminate a license that isn't valid, and if it _is_ valid, you can't revoke or terminate the GPL anyway.
While it's true that people can indirectly die because of a virus, the same thing can be said of:
Driving a car
Calling 911 for anything but a life-threatening emergency
Working with sharp objects
Operating heavy machinery
Sports
All of these scenarios have the potential to kill people, especially if misused. Should we treat every NFL player and construction worker as potential killers? I don't think so.
Realize that a lot of these virus writers are just immature teenagers. Like playing "chicken" in a car, or racing really fast, their actions are dangerous, reckless, and have the potential to cost lives, and cost others money. By all means, punish them for their recklessness, but personally, I'd rather live in a society with a little mercy and forgiveness.
"Zero-Tolerance" is fine, as long as everyone is perfect.
When I get people complaining about me removing gator (I won't support a system with spyware on it, but I will remove the spyware for free), I just point them at the Google Toolbar. It does what they want, and it blocks popups too.
I'm one of those aforementioned programmers working for free and asking little in return (not nothing, there is a catch.) I don't want money so much as a product. That's why I wrote it in the first place. When others use my products, if they improve (and distribute it), I can copy the changes they made back and improve it. A number of people have submitted patches to me.
When two people work together on a project, they both get a great project, and average a little over half the work. Now imagine if hundreds (or thousands) of people were all working on the same project. For a fraction of the work, contributors get a fully functional project, with the changes they were willing to make. Everybody wins, including the person(s) who put in the work for the initial release.
It's kind of like community service. One person working to clean up a neighborhood will take a lot of work, and have limited success. But if lots of people get together and spend a couple hours, the neighborhood looks nicer, and took less work (per person, not necessairily in total).
How's this: Anything which can be better ran privately without significant detriment, and less government intervention for things that aren't.
There are a number of things which: - are necessary, but people wouldn't be willing to support on their own (welfare, etc.) - would cause way too many programs (for example, suddenly switching to all private police) - are impractical for only those who pay to derive benefit from (mainly military. For example, if you are protected from nukes, your neighbor is too. Too many people would try to freeload for that to be voluntary.) - are impossible to use without infringing on others rights or abilities to do likewise (radio, polution, etc.)
However, there are a number of things we currently do which can be entirely or partially privatized. Private companies, by virtue of having a profit motive while being (mostly) unable to change the law to suit them, are naturally better suited to the job. People can (barely) control the corporations - controlling the government is a much harder affair.
The GPL _is not a contract_. You don't need to sign it, or even to agree to it. They specifically say that you do not have to agree to it. The GPL is a _license_.
So, to compare the two: (X refers to the freedoms allowed under fair use)
DVDs - You bought the hardware. The law (and judicial precident) say you can do X. They try to stop you from doing X. The DMCA prevents you from circumventing some protection measures, but the actual copies and derivitive works (that you dont distribute) are legal.
Regardless, the GPL is a _license_. This is a different beast. Once you get a piece of GPL code, the law says you can do X. Like a DVD, copyright laws say you may _not_ distribute copies, modified or otherwise. However, as a _license_, the GPL says you _may_ distribute, provided you follow certain conditions. It's not a contract in any way, shape, or form.
It's similar to if I were to compose a piece of sheet music or write a book. If I give it to you, you can do a lot of things with it, but you cannot distribute copies permission. Now suppose I add the license "You may make and distribute unlimited copies, provided you do not remove this copyright notice". Do you have to sign a contract for that? Of course not, because it is a right you being given, not a freedom being taken.
If the law says that I can drive my car on any public road I choose, I do NOT want my car company placing artificial restrictions on where I can drive it. If it's their car, fine. Once it's in my posession, it's fair game.
Government has a high overhead in everything they do (Why innovate when you can legislate/A dime not spent is a dime not received next year/etc.). The government will spend the money, but so probably will the cheater. Who is to say that the money isn't put to better use as part of someone's wages directly, and skipping one round of government skimming?
(Company->Cheater->Company(with tax)->Employee(with tax)->Company(with tax)) vs. (Company->Cheater(with tax)->Company(with tax)->Employee(with tax)->Company(with tax).
Why should a person be coerced into paying 50% of his income to support a government he does not support, and did not choose to accept? (No, shove it or leave it is not always a viable alternative.) If people were allowed to choose to "opt-out" of our current system (and the services that go with it), our current system could not sustain itself. Most people put in more than they get out (without having any say in the matter), and that is simply not right. What better way to show your lack of support for the government and resist the powers that be than not paying any more than they can get out of you? Why should we be forced to pay for this huge government when most (if not all) of the services it provides can be handled better and cheaper privately.
However, I suspect we do agree on one thing. The people who cheat taxes out of sheer greed, and like the system as it is (or do not wish to change it) are a detriment to the system. If you support the government, cheating taxes is hypocritical.
Well, if the repercussions consist of "smaller government", it's not necessairily negative. In fact, it can be a benefit. The trick is to get them to cut the crap, not the important programs.
It's a shame the system works the way it does. So many taxes are just one group using taxes to make everyone else pay for something they want. The government skims some off for overhead. In the end, we are all poorer, and the government is too big.
"Attestation is crucial for this application by allowing the voting server to make sure that the user's voting software has not been altered on the disk."
Since he refers to it as the "user's" voting software, I must assume this would be for home users, not some central polling location. If it's at the user's premises, it shouldn't matter if the user's software has been tampered with. A simple cryptographic hash can be used to ensure that the vote was not tampered with en-route.
"Trusted Computing will solve this problem by allowing the server to make sure that the game client software is clean and unmodified." First off, many "cheats" don't modify the existing client at all. Instead, they act as wrappers to drivers, or even hack the driver itself. Plus, how can you be sure that the computer doing the checking is really a computer at all? I've written a patch for bochs that lets me tag a specific set of bytecode, and have bochs execute another set entirely. This system would pass any sort of memory check just fine, but none the less can easily be used to cheat.
"Without such a technology, cheating is only going to get worse, demoralizing players and driving them from the games." Actually, Trusted Computing games would be even less likely to sell. Look at the distribution of games now: how many [non-console] games come out on CD vs DVD? How long have DVD drives been out? The long and short of the matter is that game designers are out to appeal to as broad an audience as possible. The people most likely to modify the game and keep it interesting (mods are a large part of why people still buy half-life one) are the people most likely to be turned off by TC anyway.
"Using remote attestation, player software could confirm that the casino was using a certified and validated software package for its game play calculations, one known to be free of bias and to give the player an honest chance." And then the casino simply proxies the connection and modifies the output to tell you you lose anyway. Different type of cheating, only now since it's "Trusted", it's even harder to catch.
"Secure I/O prevents the financial application from being spoofed by false or malicious inputs, and protects the privacy of the user by insuring that other software cannot see the information that the financial application is presenting on the screen." One need only look at email viruses and scams. People are already dumb enough to do it on their own anyway. Trusted computing just means that the bank can finally shift the blame to the consumers instead of the bank (possibly even when it's really not the consumer's fault). Whether you consider this a good thing or bad is a matter of opinion.
"Trusted Computing can alleviate this problem by allowing the formation of a new kind of VPN, one which will only allow trusted applications through the firewall." How many attacks come through a VPN? Not many. Plus, the ones that do can simply attack the services offered (buffer overflows, race conditions, etc.) This is another case of "it's trusted, so it must be ok" thinking. Remember, trust is something that can compromise your security.
"P2P software can limit the amount of data available to the end user of the machine, so that he does not see which other computers in the network his data comes from". Ok, even if the software disables netstat, there's nothing it can do about ettercap, or even a hub and a decent network sniffer. Even if the software were flawless, all the **AA would have to do is start a download, and start logging network traffic. Plus as an added bonus, the P2P clients can now refuse to run without or connect to spyware-free clients.
"The step of reading messages, decrypting and mixing them, can be fully protected within the TC security boundary. No longer will the operators of remailers be aware of how their machines are
Time the presentation and the slide transitions, then make sure you have some extra information (the stuff you trimmed) for each slide. If you go over in time, make a quick transition and continue. If you go too long, bring out some of the info not in the slide and field questions.
Same effect, and if you do it right, the audience cant tell you screwed up the timings by 30 seconds.
"From what I remember, you were posting quite soon after AOL got usenet access, but of course I would have no idea of where you were posting from if in fact you did post previous to Jan 4, 2005."
"On the google note, google says that you didn't start posting to alt.aol-sucks from AOL until January 4, 2005...almost 10 months (IIRC) after AOL had usenet."
Hmm... So, AOL got usenet in March 2004? Wow, they must be behind the times.
Slashdot Mirror
If they don't, you had better hope they use static ARP, or something like EtterCap will eat right through your network.
This sounds like something out of Total Recall, or some other cheezy scifi flick.
Next thing you know, you find out they are paying you in "Hillary Dollars".
Have you ever READ the GPL? Section 3b. Offering the source from the same place is ONE of the ways to comply. He can also offer to provide a complete machine-readable copy of the source code, or pass along the offer he got when downloading (provided he's not doing it commercially).
So shut up.
"Any license that you may believe you acquired with the Software is void, revoked and terminated."
Void? Perhaps. Revoked and Terminated? You can't revoke or terminate a license that isn't valid, and if it _is_ valid, you can't revoke or terminate the GPL anyway.
All of these scenarios have the potential to kill people, especially if misused. Should we treat every NFL player and construction worker as potential killers? I don't think so.
Realize that a lot of these virus writers are just immature teenagers. Like playing "chicken" in a car, or racing really fast, their actions are dangerous, reckless, and have the potential to cost lives, and cost others money. By all means, punish them for their recklessness, but personally, I'd rather live in a society with a little mercy and forgiveness.
"Zero-Tolerance" is fine, as long as everyone is perfect.
The reason it's "funny" is because most viruses don't advertise they have infected you.
This is slashdot - it doesn't take much to be funnier than most of the other posts.
BitTorrent.
When I get people complaining about me removing gator (I won't support a system with spyware on it, but I will remove the spyware for free), I just point them at the Google Toolbar. It does what they want, and it blocks popups too.
8-mile and South Park?
I'm one of those aforementioned programmers working for free and asking little in return (not nothing, there is a catch.) I don't want money so much as a product. That's why I wrote it in the first place. When others use my products, if they improve (and distribute it), I can copy the changes they made back and improve it. A number of people have submitted patches to me.
When two people work together on a project, they both get a great project, and average a little over half the work. Now imagine if hundreds (or thousands) of people were all working on the same project. For a fraction of the work, contributors get a fully functional project, with the changes they were willing to make. Everybody wins, including the person(s) who put in the work for the initial release.
It's kind of like community service. One person working to clean up a neighborhood will take a lot of work, and have limited success. But if lots of people get together and spend a couple hours, the neighborhood looks nicer, and took less work (per person, not necessairily in total).
After like 40 minutes or so, the audio gets out of sync. They are saying badger, but showing mushroom.
After 6-7 hours, they get back in sync though.
No, I'm not kidding. I wish I was.
What "crap" do you want to see cut?
How's this: Anything which can be better ran privately without significant detriment, and less government intervention for things that aren't.
There are a number of things which:
- are necessary, but people wouldn't be willing to support on their own (welfare, etc.)
- would cause way too many programs (for example, suddenly switching to all private police)
- are impractical for only those who pay to derive benefit from (mainly military. For example, if you are protected from nukes, your neighbor is too. Too many people would try to freeload for that to be voluntary.)
- are impossible to use without infringing on others rights or abilities to do likewise (radio, polution, etc.)
However, there are a number of things we currently do which can be entirely or partially privatized. Private companies, by virtue of having a profit motive while being (mostly) unable to change the law to suit them, are naturally better suited to the job. People can (barely) control the corporations - controlling the government is a much harder affair.
No, but being a for-the-purpose-of-writing-interoperable-software- under-section-1201-f-of-the-DMCA program does.
In other words, it's legal until a court says otherwise.
" Sourceforge has actually already pulled it."
Uh, huh, sure they have...
The GPL _is not a contract_. You don't need to sign it, or even to agree to it. They specifically say that you do not have to agree to it. The GPL is a _license_.
So, to compare the two: (X refers to the freedoms allowed under fair use)
DVDs - You bought the hardware. The law (and judicial precident) say you can do X. They try to stop you from doing X. The DMCA prevents you from circumventing some protection measures, but the actual copies and derivitive works (that you dont distribute) are legal.
Regardless, the GPL is a _license_. This is a different beast. Once you get a piece of GPL code, the law says you can do X. Like a DVD, copyright laws say you may _not_ distribute copies, modified or otherwise. However, as a _license_, the GPL says you _may_ distribute, provided you follow certain conditions. It's not a contract in any way, shape, or form.
It's similar to if I were to compose a piece of sheet music or write a book. If I give it to you, you can do a lot of things with it, but you cannot distribute copies permission. Now suppose I add the license "You may make and distribute unlimited copies, provided you do not remove this copyright notice". Do you have to sign a contract for that? Of course not, because it is a right you being given, not a freedom being taken.
If the law says that I can drive my car on any public road I choose, I do NOT want my car company placing artificial restrictions on where I can drive it. If it's their car, fine. Once it's in my posession, it's fair game.
Government has a high overhead in everything they do (Why innovate when you can legislate/A dime not spent is a dime not received next year/etc.). The government will spend the money, but so probably will the cheater. Who is to say that the money isn't put to better use as part of someone's wages directly, and skipping one round of government skimming?
(Company->Cheater->Company(with tax)->Employee(with tax)->Company(with tax)) vs.
(Company->Cheater(with tax)->Company(with tax)->Employee(with tax)->Company(with tax).
Why should a person be coerced into paying 50% of his income to support a government he does not support, and did not choose to accept? (No, shove it or leave it is not always a viable alternative.) If people were allowed to choose to "opt-out" of our current system (and the services that go with it), our current system could not sustain itself. Most people put in more than they get out (without having any say in the matter), and that is simply not right. What better way to show your lack of support for the government and resist the powers that be than not paying any more than they can get out of you? Why should we be forced to pay for this huge government when most (if not all) of the services it provides can be handled better and cheaper privately.
However, I suspect we do agree on one thing. The people who cheat taxes out of sheer greed, and like the system as it is (or do not wish to change it) are a detriment to the system. If you support the government, cheating taxes is hypocritical.
Well, if the repercussions consist of "smaller government", it's not necessairily negative. In fact, it can be a benefit. The trick is to get them to cut the crap, not the important programs.
It's a shame the system works the way it does. So many taxes are just one group using taxes to make everyone else pay for something they want. The government skims some off for overhead. In the end, we are all poorer, and the government is too big.
Well, in CA, the paper trail opens it up to completly different abuses.
However, in this case, how long an employee works in a week is not exactly a big secret. If he wants to show it to people, more power to him.
"Attestation is crucial for this application by allowing the voting server to make sure that the user's voting software has not been altered on the disk."
Since he refers to it as the "user's" voting software, I must assume this would be for home users, not some central polling location. If it's at the user's premises, it shouldn't matter if the user's software has been tampered with. A simple cryptographic hash can be used to ensure that the vote was not tampered with en-route.
"Trusted Computing will solve this problem by allowing the server to make sure that the game client software is clean and unmodified."
First off, many "cheats" don't modify the existing client at all. Instead, they act as wrappers to drivers, or even hack the driver itself. Plus, how can you be sure that the computer doing the checking is really a computer at all? I've written a patch for bochs that lets me tag a specific set of bytecode, and have bochs execute another set entirely. This system would pass any sort of memory check just fine, but none the less can easily be used to cheat.
"Without such a technology, cheating is only going to get worse, demoralizing players and driving them from the games."
Actually, Trusted Computing games would be even less likely to sell. Look at the distribution of games now: how many [non-console] games come out on CD vs DVD? How long have DVD drives been out? The long and short of the matter is that game designers are out to appeal to as broad an audience as possible. The people most likely to modify the game and keep it interesting (mods are a large part of why people still buy half-life one) are the people most likely to be turned off by TC anyway.
"Using remote attestation, player software could confirm that the casino was using a certified and validated software package for its game play calculations, one known to be free of bias and to give the player an honest chance."
And then the casino simply proxies the connection and modifies the output to tell you you lose anyway. Different type of cheating, only now since it's "Trusted", it's even harder to catch.
"Secure I/O prevents the financial application from being spoofed by false or malicious inputs, and protects the privacy of the user by insuring that other software cannot see the information that the financial application is presenting on the screen."
One need only look at email viruses and scams. People are already dumb enough to do it on their own anyway. Trusted computing just means that the bank can finally shift the blame to the consumers instead of the bank (possibly even when it's really not the consumer's fault). Whether you consider this a good thing or bad is a matter of opinion.
"Trusted Computing can alleviate this problem by allowing the formation of a new kind of VPN, one which will only allow trusted applications through the firewall."
How many attacks come through a VPN? Not many. Plus, the ones that do can simply attack the services offered (buffer overflows, race conditions, etc.) This is another case of "it's trusted, so it must be ok" thinking. Remember, trust is something that can compromise your security.
"P2P software can limit the amount of data available to the end user of the machine, so that he does not see which other computers in the network his data comes from".
Ok, even if the software disables netstat, there's nothing it can do about ettercap, or even a hub and a decent network sniffer. Even if the software were flawless, all the **AA would have to do is start a download, and start logging network traffic. Plus as an added bonus, the P2P clients can now refuse to run without or connect to spyware-free clients.
"The step of reading messages, decrypting and mixing them, can be fully protected within the TC security boundary. No longer will the operators of remailers be aware of how their machines are
I did it because I was short on cash and Dance Dance Revolution wasn't available for any other platform.
It's surprisingly addictive.
Time the presentation and the slide transitions, then make sure you have some extra information (the stuff you trimmed) for each slide. If you go over in time, make a quick transition and continue. If you go too long, bring out some of the info not in the slide and field questions.
Same effect, and if you do it right, the audience cant tell you screwed up the timings by 30 seconds.
Like new.net (only without the spyware). This is what they do, and you can add new.net to the Default DNS suffix to do just that.
That's why you add your own Root CA into the Root Certificate Store, and sign your own drivers.
I've tried it - works like a charm.
And like aids, using MacOS or Linux will make you significantly less attractive to most of the population. Think of it as a form of birth control.
"From what I remember, you were posting quite soon after AOL got usenet access, but of course I would have no idea of where you were posting from if in fact you did post previous to Jan 4, 2005."
"On the google note, google says that you didn't start posting to alt.aol-sucks from AOL until January 4, 2005...almost 10 months (IIRC) after AOL had usenet."
Hmm... So, AOL got usenet in March 2004? Wow, they must be behind the times.