Be on the look out for male subject with red yarn hair and wearing patched denim overalls. May be accompanied by a female known as "Raggady Ann". Approach with extreme caution. Report all sightings to Microsoft Security Services or Darl McBride of SCO Group. Reward Offered.
Actually, it does. SCO is enforcing a contract that is predicated on its ownership and right to license.
Now apparently according to the unix purchase agreement with Novell, as long as Novell continues to own UNIX, SCO can only take actions against licencees with Novell's consent, So if Novell owns UNIX, SCO can not proceed against IBM. Also, how can SCO enforce a trade secret if it does not own the trade secret in the first place?
Since this goes to the heart of SCO's claims against IBM and also of Redhat's suit against SCO, I predict that both sides in both lawsuits (SCO vs IBM and Redhat vs SCO) will ask for the respective lawsuits to be suspended (on-hold) until this is resolved. Bottom line: several more years of drawn out FUD with no resolution in sight.
As part of the predicted re-org, maybe an audit committee would be a good idea. Supposedly, there have been some instances where BSD code (some of which really did have a genisis in AT&T ancient unix) has been placed in the Linux Kernal (which is allowed under the BSD license) but had the BSD/AT&T copyrights stripped/unattributed (which in not legal under the BSD licence). Now might be the opportunity to formally audit the entire code base and make sure that all the BSD/AT&T code is properly attributed. I know there have been some informal efforts at this, but I'm not aware of any official Kernel.org effort. Not only will it make the Linux community look better, but it would undercut SCO, plus its the right thing to do.
If you you were in the U.S. Army sometime before 1990, you probably know what that means. These were the standard field radios before the new SINCGARS encrypted/frequency-hopping radios came into use. The old "prick 77" radios that we carried around on our backs used a lithium battery. The radio had a vent on the battery compartment to let out explosive gases (and water if you were dumb enough to get your radio wet). If the vent became blocked the battery could explode! Ouch! Never happened to me personally, but it was legendary among RATELOs.
For those users stuck inside the default gui and without knowledge of the command line (the real target audience of "UserLinux"), I am sure there will be a front-end installer to add new packages. Just include alternate guis as optional packages to be added at the users' descretion. Why stop at KDE? You could include any number add-in optional packages that are not "default". Anyway..., multiple packages that all do the same thing (like guis) will simply increase the complexity, bloat, and confusion for the target audience. Select one good one, and they can add others if they so desire.
This whole debate sounds to me like what the BSDers call "bikeshedding". Arguing ad nauseam over minor details like colors because the deep-down architectural stuff is beyond intelligent discussion for most folks.
So, in additon to hiring the same lawyer (Boise), I see the DOJ has hired SCO's encryption team of MIT mathmaticians to handle its super-secret documents. Next they will hire SunnComm to write a document locking program that uses the windows auto-play feature, change their font to Chinese script, and make it black on black background. Shhhh.. don't tell the Russians to hold down the shift-key.
From what I've seen, the Java Desktop System runs on top of SuSe Linux. But the major components such as Gnome, Mozilla, StarOffice, and Evolution will compile on Solaris too. So why isn't Sun using this to push x86 Solaris instead of Linux? Is it because of crappy hardware support for PCs in Solaris? Certainly, I would think that Sun knows their own OS and could get it to work. Certainly it wouldn't cost them much extra to press a few more Solaris CDs, license them at the $100 per user, keep the all the revenue in-house, and not have to split it with Suse. Also, I would think a Solaris Desktop would be a good sell to the sysadmins and IT purchasers who already run a "Sun shop" in the machine room, not the least because they already know it, trust it, and could easily integrate it with thier existing infrastructure (although Linux does play well with unix standards too). All I can think of is that Sun is afraid of Solaris as a desktop OS because it might eat into the prestige of Solaris as a premium server OS.
I used to work as a military logistician, and we were doing this all the way back in 1995 during the Haiti intervention and the refugee crisis at Guantanemo Bay.
The Army recongnized the need for RFID all the back in 1990-1991 in Desert Sheild/Desert Storm. Back then they were sitting on thousands of 20 foot and 40 foot shipping containers in Saudi Arabia. But the paperwork was so bad that they couldn't tell what was inside the containers and the database system they used to keep track of shipments was a 1973 vintage punch card system (no really.. it was). So they spent thousands of man-hours opening the boxes and recording the contents and figuring out where it was supposed to go. The actually had a man killed when all the crap fell out on top of him while he was opening up one of the boxes. Meanwhile, forward deployed units were languishing without supplies or spare parts. So they knew they had a problem. The answer was to improve the tracking paperwork with an oracle based system called WPS (WorldWide Port System) and they started doing experimental use of RFID on vehicles and shipping containers. The RFID transmitters were based on the ones used by the railroads and were about the size of a book (approx 8x6x3 in). The were bolted onto the exteriors of the shipping containers and short range transmission towers were built in the ports and at transportation hubs. The first chance to test them in the real-world was the Haiti crisis. All the supplies to GITMO and Haiti were flowing through the port at Jacksonville Florida. The tests were a moderate success (sometimes the tags fell off or data was bogus because somebody was too lazy to key the right values). Overall, the military was very pleased because it finally afford military commanders "Intransit Visibility" or ITV. Commanders were very happy to know where their supplies and equipment was. During the last several years, the tag technology has gotten better and better and they started installing them in vehicles whenever they were deploying.
Everyhing you listed are *application* flaws with the possible exception of ipmasq and even that is optional. Nothing you listed is a core OS flaw or a "default" configuration issue, unlike the many many problems with windows.
A few months ago, my sister-in-law and her husband bought a new computer (loaded with XP as most are). They are average users: they browse the www, send email, write letters, and play games. The know how to use their box, but they don't know how to administer it. So everything that was shipped as default was still default -including the messanger service. They are on cable modem and were getting constant popups (and I mean constant, like one every 30 seconds) over the messanger service. Now multiply that by millions of people and you have millions of potential DDOS zombie machines, or spam spewers, or any other nasty (or illegal) thing you can imagine.
It is time for MS to immediately change the default shipping configuration of XP to turn every service off by default because no desktop should be listening on any tcp by default. If that means they need to recall and replace all the master disks that they license to OEMs, then they need to do it. They need to have every major retail outlet yank all the shrink-wrap boxes and replace them with new one with secure default configurations. MS is sitting on $46 million in cash, so they can easily afford this expense as chump change. It just a question of whether they are willing to admit fault and buck up for failing their customers or if they are too greedy to spend some of their hoarded wealth.
MicroSoft has a history of maintaining its monopoly by breaking compatibility with competitor's products by subtily changing (or they claim its extending and enhancing) the protocol. The most famous example were DrDOS and Java. If Samba gets too close, I wouldn't be suprised if MS didn't come up with an "enchancement" to Active Directory or SMB/CIFS or the NT-authentication protocols that will break Samba. The up-coming service pack will be the perfect oportunity for a "security fix" that will wall out Samba for a while.
(Related but slightly off-topic) A few days ago, there was an article about IE having broken support for standards, especailly CSS. I don't think that is an acident. I strongly suspect that MS won't fix IE because the "problem" helps them maintain a monopoly in browsers. If you want to get your stuff to render properly in 95% of people's browsers, you have to code to IE, not the "standard". This means your stuff won't render properly in the other 5% of browsers unless you go through lots of trouble to do browser dectection, alternate pages, or take lots of care for cross-browser compatibility.
If I remember correctly, SCO only gets a small administrative fee (like 5%) of the royalties for pre-existing UNIX licensees, the other 95% go to Novell. So, the "old" UNIX licenses pay SCO almost nothing. But I think SCO gets to keep most of the money on the "new" licenses.
So, how can SCO convert the old licenses to money? They terminate them and force the customers to buy new licenses under more lucrative terms. But they can't just terminate without cause. They need a pretext. The "unauthorized transfer of code" provides just such a pretext.
It probably depends on what SGI's license contract says and if there was a single one-time lump sum payment or if its a continual trickle of royalties. It it was a one-time lump sum, then SCO (or should I say SCO's predecessors Novell or Tarantula) already has the money and no extra revenue is coming in. This way, SCO can terminate the old license (for which they are not getting any more money anyway) and force SGI to re-license under a more lucrative scheme.
Or it could be done by a consumer group such as "Consumer Reports" that do have the resouces to hire people. And of course, corporate customers have the resources to hire experts to examine it too.
History By Joy (or all the bad things done by C )
on
The Next Path for Joy
·
· Score: 1
1. The Crash of the Hindenburg (the lading routines were in C)
2. The Stock Market Crash of 1929 (the buy and sell orders were written in C)
3. Adolph Hitler (Mein Kampf was written in C)
4. The Soviet Union ( Remember.. its initials in Russian were "CCCp")
6. New Coke (created engineers using a C program)
7. Drug Addiction (because you must be smoking crack to program in C)
Because it is open for examination the user is free to examine OSS and find any defects. With closed source, your are forced to rely upon the vendors representation, so liability should follow.
The difference is that what you release as open source is open for examination so there are no "hidden" defects. The user is free to examine your product and find an error. I think disclaimers of warrentees should be forbidden for a closed source product, because the user has to take the vendors word on the nature of the product. Any time you *represent* something and the user can only take your word for it, then legal liability should attach. But with an open source product, the user (or somebody he hires) is free to examine it himself and does not have to take your word, so you ought to be able to disclaim warrentees..
Now if a defect did exist in an open source product, if is simply unknown, not hidden. In that case you have what the lawyers call a "mutual mistake". You didn't see it and the user didn't see it, but no liablity attaches since it is mutual.
Slashdot Mirror
Be on the look out for male subject with red yarn hair and wearing patched denim overalls. May be accompanied by a female known as "Raggady Ann". Approach with extreme caution. Report all sightings to Microsoft Security Services or Darl McBride of SCO Group. Reward Offered.
Actually, it does. SCO is enforcing a contract that is predicated on its ownership and right to license. Now apparently according to the unix purchase agreement with Novell, as long as Novell continues to own UNIX, SCO can only take actions against licencees with Novell's consent, So if Novell owns UNIX, SCO can not proceed against IBM. Also, how can SCO enforce a trade secret if it does not own the trade secret in the first place?
Since this goes to the heart of SCO's claims against IBM and also of Redhat's suit against SCO, I predict that both sides in both lawsuits (SCO vs IBM and Redhat vs SCO) will ask for the respective lawsuits to be suspended (on-hold) until this is resolved. Bottom line: several more years of drawn out FUD with no resolution in sight.
As part of the predicted re-org, maybe an audit committee would be a good idea. Supposedly, there have been some instances where BSD code (some of which really did have a genisis in AT&T ancient unix) has been placed in the Linux Kernal (which is allowed under the BSD license) but had the BSD/AT&T copyrights stripped/unattributed (which in not legal under the BSD licence). Now might be the opportunity to formally audit the entire code base and make sure that all the BSD/AT&T code is properly attributed. I know there have been some informal efforts at this, but I'm not aware of any official Kernel.org effort. Not only will it make the Linux community look better, but it would undercut SCO, plus its the right thing to do.
If you you were in the U.S. Army sometime before 1990, you probably know what that means. These were the standard field radios before the new SINCGARS encrypted/frequency-hopping radios came into use. The old "prick 77" radios that we carried around on our backs used a lithium battery. The radio had a vent on the battery compartment to let out explosive gases (and water if you were dumb enough to get your radio wet). If the vent became blocked the battery could explode! Ouch! Never happened to me personally, but it was legendary among RATELOs.
Here is a link on the usage of the term "bikeshedding" amonst the unix folk.
l
http://www.unixguide.net/freebsd/faq/16.19.shtm
apt-get install kde.
For those users stuck inside the default gui and without knowledge of the command line (the real target audience of "UserLinux"), I am sure there will be a front-end installer to add new packages. Just include alternate guis as optional packages to be added at the users' descretion. Why stop at KDE? You could include any number add-in optional packages that are not "default". Anyway..., multiple packages that all do the same thing (like guis) will simply increase the complexity, bloat, and confusion for the target audience. Select one good one, and they can add others if they so desire.
This whole debate sounds to me like what the BSDers call "bikeshedding". Arguing ad nauseam over minor details like colors because the deep-down architectural stuff is beyond intelligent discussion for most folks.
Enough puns already! Let's put this out to pasture before we all step in it.
So, in additon to hiring the same lawyer (Boise), I see the DOJ has hired SCO's encryption team of MIT mathmaticians to handle its super-secret documents. Next they will hire SunnComm to write a document locking program that uses the windows auto-play feature, change their font to Chinese script, and make it black on black background. Shhhh.. don't tell the Russians to hold down the shift-key.
No wonder they can't catch Bin Laden.
Does this mean they also plan to ignore the GPL on stuff like Samaba?
From what I've seen, the Java Desktop System runs on top of SuSe Linux. But the major components such as Gnome, Mozilla, StarOffice, and Evolution will compile on Solaris too. So why isn't Sun using this to push x86 Solaris instead of Linux? Is it because of crappy hardware support for PCs in Solaris? Certainly, I would think that Sun knows their own OS and could get it to work. Certainly it wouldn't cost them much extra to press a few more Solaris CDs, license them at the $100 per user, keep the all the revenue in-house, and not have to split it with Suse. Also, I would think a Solaris Desktop would be a good sell to the sysadmins and IT purchasers who already run a "Sun shop" in the machine room, not the least because they already know it, trust it, and could easily integrate it with thier existing infrastructure (although Linux does play well with unix standards too). All I can think of is that Sun is afraid of Solaris as a desktop OS because it might eat into the prestige of Solaris as a premium server OS.
When you roll the wheel on your mouse, It changes the moderation form selections from what you selected! Now I have to post to undo my moderations.
I used to work as a military logistician, and we were doing this all the way back in 1995 during the Haiti intervention and the refugee crisis at Guantanemo Bay.
The Army recongnized the need for RFID all the back in 1990-1991 in Desert Sheild/Desert Storm. Back then they were sitting on thousands of 20 foot and 40 foot shipping containers in Saudi Arabia. But the paperwork was so bad that they couldn't tell what was inside the containers and the database system they used to keep track of shipments was a 1973 vintage punch card system (no really.. it was). So they spent thousands of man-hours opening the boxes and recording the contents and figuring out where it was supposed to go. The actually had a man killed when all the crap fell out on top of him while he was opening up one of the boxes. Meanwhile, forward deployed units were languishing without supplies or spare parts. So they knew they had a problem. The answer was to improve the tracking paperwork with an oracle based system called WPS (WorldWide Port System) and they started doing experimental use of RFID on vehicles and shipping containers. The RFID transmitters were based on the ones used by the railroads and were about the size of a book (approx 8x6x3 in). The were bolted onto the exteriors of the shipping containers and short range transmission towers were built in the ports and at transportation hubs. The first chance to test them in the real-world was the Haiti crisis. All the supplies to GITMO and Haiti were flowing through the port at Jacksonville Florida. The tests were a moderate success (sometimes the tags fell off or data was bogus because somebody was too lazy to key the right values). Overall, the military was very pleased because it finally afford military commanders "Intransit Visibility" or ITV. Commanders were very happy to know where their supplies and equipment was. During the last several years, the tag technology has gotten better and better and they started installing them in vehicles whenever they were deploying.
XP
Everyhing you listed are *application* flaws with the possible exception of ipmasq and even that is optional. Nothing you listed is a core OS flaw or a "default" configuration issue, unlike the many many problems with windows.
Sorry.. I think that should be $46 billion in the MS cashbox.
A few months ago, my sister-in-law and her husband bought a new computer (loaded with XP as most are). They are average users: they browse the www, send email, write letters, and play games. The know how to use their box, but they don't know how to administer it. So everything that was shipped as default was still default -including the messanger service. They are on cable modem and were getting constant popups (and I mean constant, like one every 30 seconds) over the messanger service. Now multiply that by millions of people and you have millions of potential DDOS zombie machines, or spam spewers, or any other nasty (or illegal) thing you can imagine.
It is time for MS to immediately change the default shipping configuration of XP to turn every service off by default because no desktop should be listening on any tcp by default. If that means they need to recall and replace all the master disks that they license to OEMs, then they need to do it. They need to have every major retail outlet yank all the shrink-wrap boxes and replace them with new one with secure default configurations. MS is sitting on $46 million in cash, so they can easily afford this expense as chump change. It just a question of whether they are willing to admit fault and buck up for failing their customers or if they are too greedy to spend some of their hoarded wealth.
And the 5.x series of FreeBSD supports ACLs also
MicroSoft has a history of maintaining its monopoly by breaking compatibility with competitor's products by subtily changing (or they claim its extending and enhancing) the protocol. The most famous example were DrDOS and Java. If Samba gets too close, I wouldn't be suprised if MS didn't come up with an "enchancement" to Active Directory or SMB/CIFS or the NT-authentication protocols that will break Samba. The up-coming service pack will be the perfect oportunity for a "security fix" that will wall out Samba for a while.
(Related but slightly off-topic) A few days ago, there was an article about IE having broken support for standards, especailly CSS. I don't think that is an acident. I strongly suspect that MS won't fix IE because the "problem" helps them maintain a monopoly in browsers. If you want to get your stuff to render properly in 95% of people's browsers, you have to code to IE, not the "standard". This means your stuff won't render properly in the other 5% of browsers unless you go through lots of trouble to do browser dectection, alternate pages, or take lots of care for cross-browser compatibility.
If I remember correctly, SCO only gets a small administrative fee (like 5%) of the royalties for pre-existing UNIX licensees, the other 95% go to Novell. So, the "old" UNIX licenses pay SCO almost nothing. But I think SCO gets to keep most of the money on the "new" licenses.
So, how can SCO convert the old licenses to money? They terminate them and force the customers to buy new licenses under more lucrative terms. But they can't just terminate without cause. They need a pretext. The "unauthorized transfer of code" provides just such a pretext.
It probably depends on what SGI's license contract says and if there was a single one-time lump sum payment or if its a continual trickle of royalties. It it was a one-time lump sum, then SCO (or should I say SCO's predecessors Novell or Tarantula) already has the money and no extra revenue is coming in. This way, SCO can terminate the old license (for which they are not getting any more money anyway) and force SGI to re-license under a more lucrative scheme.
Or it could be done by a consumer group such as "Consumer Reports" that do have the resouces to hire people. And of course, corporate customers have the resources to hire experts to examine it too.
1. The Crash of the Hindenburg (the lading routines were in C)
2. The Stock Market Crash of 1929 (the buy and sell orders were written in C)
3. Adolph Hitler (Mein Kampf was written in C)
4. The Soviet Union ( Remember.. its initials in Russian were "CCCp")
6. New Coke (created engineers using a C program)
7. Drug Addiction (because you must be smoking crack to program in C)
Because it is open for examination the user is free to examine OSS and find any defects. With closed source, your are forced to rely upon the vendors representation, so liability should follow.
The difference is that what you release as open source is open for examination so there are no "hidden" defects. The user is free to examine your product and find an error. I think disclaimers of warrentees should be forbidden for a closed source product, because the user has to take the vendors word on the nature of the product. Any time you *represent* something and the user can only take your word for it, then legal liability should attach. But with an open source product, the user (or somebody he hires) is free to examine it himself and does not have to take your word, so you ought to be able to disclaim warrentees. .
Now if a defect did exist in an open source product, if is simply unknown, not hidden. In that case you have what the lawyers call a "mutual mistake". You didn't see it and the user didn't see it, but no liablity attaches since it is mutual.