Nail, meet hammer's head. Great post. You destroyed all the stupid carping very concisely.
But I have an objection that is genuine, and it is a showstopper.
There is only one thing that prevents me from using KDE. I have tried, oh how I have tried, and I love everything about KDE except this this one thing. Tthe icons in the goddam taskbar won't stay put! You can't keep track of the ordering to find them because the layout keeps changing! Annoying as hell and more, because I absolutely can't use it like that. And they refuse to fix it! All they have to do is make it work dead simply, like Gnome 2 always worked; like Mate works. But they have this fucking oh-so-intelligent sorting algorithm that keeps flipping around the layout. Ugh, just ugh.
Undone by the simple refusal to fix one critical misfeature.
P.S. - for anyone who is bewildered, when I said "now this" I was referring to the SSL 3.0 exploit. The story is close to this one and I was reading both of them. But it all comes together into a giant shitstorm, and it is past the point of criticality.
Either we are going to abandon the whole internet/OS infrastructure hodgepodge that has proved to be unprotectable and replace it with something that is secure by design, or we are going to have to live with everybody getting constantly pwned. I doubt I will live long enough to see the former, even if it is attempted.
That was my question too... how did it get there? I mean, kernel modules don't just magically appear and install themselves...:-P
Using any of the endless parade of exploits that constantly emerge for linux, I would imagine. Why does it matter? 1) You get root just one time 2) Then you can install any kind of root kit or do any other kind of goddam random or fiendishly convoluted havoc you can think of
You know the kind of shabby security joke that Windows turned into? The same thing has happened to linux and BSD - and I say that as a HUGE booster of open source. It's been building relentlessly, but it became official this year with HeartBleed, ShellShock, and now this. And note that this latest is fundamentally different from any of the usual exploits. This one is NOT a bug in any IMPLEMENTATION of the protocol SSL 3.0. It is the discovery that the DESIGN of the protocol has been broken all along. You can't "fix" it by finding some coding boo-boo. It is vulnerable when working AS DESIGNED. If you update the protocol, then it's not SSL 3.0 any more and all kinds of people get cut off from secure access to various servers until everybody is moved over to TLS.
You have two choices: 1) Remove SSL 3.0 protocol capability from ALL clients everywhere, or all servers everywhere, or go after both of them tearing it out. This will break the internet until all servers and clients support AND USE TLS. 2) Live with passwords and other secure data getting pwned right and left.
If you think I've misinterpreted the problem, please tell me exactly where.
[This is in FUN but it's strictly true] Listen sonny, when I was a kid you went to a GAS STATION to get gas (my father favored the Jenny station). The guy there wore a uniform and he ran out when your car drove over the pneumatic bell-ringer (ding-ding!). Regular people were not allowed to pump gas, and why would they want to when they did it free at the gas station> "I'll have five". "Will that be 5 gallons or 5 dollars?" "Check the oil, sir?" "Do the windshield?" "Could I have a map of the state please?"
I disagree: Insist that there must be a cap, and it will be the initial letter in >90% of the cases.
So what? What stupid people do with their own security does not weaken my security. I don't throw the caps in at word breaks or syllable breaks. There is no law that says you have to be stupid.
I agree that password rules are for bozos. I don't use random caps, digits and symbols because some nazi tells me I have to. I use them because I care about security.
We can argue (and many will!) all day long over what exactly is Free and what is Open Source, but rather than go down that bottomless pit into pointlessness, anyone who is really interested can just read the TrueCrypt license for themselves. It's written in plain language, even if it is somewhat complicated. So it's not GPL and is not compatible with GPL. So fucking what. You can say the same about CDDL or a lot of others, which all give you a lot of freedom. If the code can't be subsumed into GPL, that is the problem of GPL aficionados, not of TrueCrypt's ghost.
I'll just touch on the basics.
You can modify the code, derive a new work, include all the code or selected parts of it in your own work, and you specifically are allowed to profit if you wish.
You have to sanitize your derived code of the word TrueCrypt, logos, website, etc.
You must display a specified phrase, basically "Based on TrueCrypt" and you must link to their webpage.
You have to make the complete source of your product available, just as the TrueCrypt source is.
You are not allowed to obfuscate the source code.
You have to use the unmodified TrueCrypt license only - this part it seems to me VeraCrypt is in blatant violation of, unless they received a special dispensation, which seems unlikely. On the other hand, AFAIK TrueCrypt never sued anyone yet, and they havn't sued VeraCrypt, so anyone can choose how far to stick their own neck out. Remember, RealCrypt went down this route a long time ago and nobody got sued over that.
Disclaimer - I'm not associated with TrueCrypt nor do I have any relationship with them, nor am I a lawyer, nor have I made a painstaking analysis of the license, but I don't see anyone starting a worthwhile discussion of the TrueCrypt license here, so I'm perfectly willing and naive enough to stick my neck out and start the ball rolling.
That's it in a nutshell. You want to tell me that's not "any free software license", go ahead and welcome to your strange interpretation. I myself am not hung up on terms. The license clearly allows VeraCrypt and/or anyone else to run with a derived project.
Very true. But also, most people involved with linux development are not brainwashed sycophants of Red Hat Inc., Lennart Poettering, and systemd. The problem is with corporate interests fucking with the basic architecture of linux.
No, I don't expect software corporations to care a fig about either what I want, or about good design. I don't expect software corporations to EXIST. Linux is community developed and free. There is no reason whatsoever that the niche filled by ChromeOS could not be much better served by community development as well. With the soulless bean counters out of the way, we could then get a decent design and stop making stupid decisions.
"No one" may come close to describing statistically the portion of ChromeOS users expicitly demanding removable extx support, but "everyone" would be a pretty good description who want useful and effiicient removable storage support without STUPID LIMITATIONS.
nonsense, reveals pragmatism. Companies should not waste money on what the market doesn't want or need. The market for chromebook isn't Linux fanboys.
Then god save us from companies and the market. Companies were always parasitic, but were the only way to get anything, other than individually contracting at prohibitive expense. Now, thank you open source, that is no longer the case. Software companies are an obsolete concept, and we are getting strong hints of the obsolescence of all capitalism.
I'm not an editor by trade, but my father (sports copy editor) was during my childhood 60 years ago. The original phrase and your proposed rephrasing both suffer from ambiguity. Does it mean (external disk drives) and (external SD cards), or does it mean (external disk drives) and (all SD cards)? Technically, the clued-in reader will conclude that it means any removable storage device, but he doesn't know that from context. He arrives at that from his knowledge of technical issues.
The way to concisely remove the ambiguity is just to rephrase it "SD cards and external disk drives".
H. J. Round demonstrated visible (green) luminescence from a point contact on a silicon carbide crystal in 1907. That was quite a while before TI was founded, and before Holonyak's breakthrough.
Ah, but can you define "inventor of the LED"? H. J. Round for getting luminescence from silicon carbide in 1907? Oleg Losev for his demonstration in 1927? Rubin Braunstein who found infrared emission from gallium arsenide in 1955? Baird and Pittman for patenting an (infrared) "Semiconductor Radiant Diode" which was efficient in 1962? Holonyak for reporting the first visible red LED in 1962? Any recognition for M. George Craford for the first yellow LED and for bettering the efficiency by an order of magnitude in 1972? And for T. P. Pearsall for the first high brightness LEDs suitable for driving fiber optics in 1976? And whoever invented the first green LED? And of course the inventors of the blue LED?
I think Holonyak for first visible LED is certainly deserving, but the whole chain of discoveries and inventions was crucial to the LCD monitors and flatscreen TVs we enjoy today.
The same goes for the transistor. Lilienfeld filed for a patent on the FET in 1925, yet we all thought Bardeen, Shockley and Brattain were first in 1948. As it turned out, their bipolar transistor tech turned out in the long run to be completely eclipsed by the (MOS)FET.
That was a demonstration only and the junction temperature was an unrealistic 25 C, not 85 C, and the efficiency of the driver circuit is not included in the laboratory results. Maybe the process to produce the sample is phenomenally expensive, and maybe they had to pick through thousands of units to find one that hit the mark. Because how else do you explain that the Crees you can buy in the store only produce a piss poor 84 lumens per watt? Do they purposely market obsolete shit because they know they can get away with marketing obsolete shit, or are there possibly actual engineering and economic reasons they can't sell the good stuff?
It's been presented to righties by lefties as "Political voice on the 'net is being stifled by big business! Make sure big business can't mute our voice on the 'net and force them to have equal space on websites for each political message!" Until I educated one of my D friends, that's what she really thought network neutrality was. And if you listened to Rush Limbaugh this spring, that's what he thinks NN is too. I can easily see how that would be opposed by anyone with good sense, just like actual NN would be supported by anyone with good sense.
I am well aware of how Mr. Limbaugh interprets the phrase "network neutrality", and that is, in a word, preposterously. I prefer that people inform themselves what the actual wording of the proposal is, rather than listen to what one-dimensional tools of either political false pole expounds in the form of propaganda.
Yet surely you can perceive what lack of net neutrality rules will do. They will raise speeds for providers with deep pockets and slow everybody else to a crawl. Is it not more useful to consider that than to call people who make your knee jerk fools?
Ha! If there is JUST ONE piece of software I would pay $30 for in a heartbeat, it would be a GOOD web browser. Because everything else I can get in superb form for zero expense: operating system, compiler, database system, word procesor, spreadsheet, etc. But I have given up hoping I can ever get even an ACCEPTABLE web browser for zero expense.
As someone who has myself flirted with PARTS of the Con philosophy at times, I say to a bunch of nitwits: you are intellectually incapable of understanding this issue. It's not about what you think it's about. DAYUM, but Cons can be stupid. (And, I hasten to add, so can Libs. It has become all about warping EVERYTHING to fit one specific fixation).
But I don't trust the government, in the form of law enforcement or in any other form, to operate in terms of genuine best interest of the people. It's as simple as that. They are a bunch of cynical, power-drunk hooligans, elected by morons, and with their puppet strings controlled by entrenched unaccountable evil bastards.
Let's hear it for science. If brilliant scientists can defeat some of the excesses of this cancer on the people, I say hip hip hurray. Criminal elements have always been reachable using genuine backbreaking detective work, no matter how clever the criminals. I am not filled with fear to think that the next group of 19 hijackers, or child molesters if you MUST use the boogeyman du jour, will have unbreakable cryptography. I am more worried about the atmosphere that is breeding these deviants and causing them to thrive.
Slashdot Mirror
Nail, meet hammer's head. Great post. You destroyed all the stupid carping very concisely.
But I have an objection that is genuine, and it is a showstopper.
There is only one thing that prevents me from using KDE. I have tried, oh how I have tried, and I love everything about KDE except this this one thing. Tthe icons in the goddam taskbar won't stay put! You can't keep track of the ordering to find them because the layout keeps changing! Annoying as hell and more, because I absolutely can't use it like that. And they refuse to fix it! All they have to do is make it work dead simply, like Gnome 2 always worked; like Mate works. But they have this fucking oh-so-intelligent sorting algorithm that keeps flipping around the layout. Ugh, just ugh.
Undone by the simple refusal to fix one critical misfeature.
I think the shills and sycophants are just trying to get our goat. Don't take them seriously.
P.S. - for anyone who is bewildered, when I said "now this" I was referring to the SSL 3.0 exploit. The story is close to this one and I was reading both of them. But it all comes together into a giant shitstorm, and it is past the point of criticality.
Either we are going to abandon the whole internet/OS infrastructure hodgepodge that has proved to be unprotectable and replace it with something that is secure by design, or we are going to have to live with everybody getting constantly pwned. I doubt I will live long enough to see the former, even if it is attempted.
Using any of the endless parade of exploits that constantly emerge for linux, I would imagine. Why does it matter?
1) You get root just one time
2) Then you can install any kind of root kit or do any other kind of goddam random or fiendishly convoluted havoc you can think of
You know the kind of shabby security joke that Windows turned into? The same thing has happened to linux and BSD - and I say that as a HUGE booster of open source. It's been building relentlessly, but it became official this year with HeartBleed, ShellShock, and now this. And note that this latest is fundamentally different from any of the usual exploits. This one is NOT a bug in any IMPLEMENTATION of the protocol SSL 3.0. It is the discovery that the DESIGN of the protocol has been broken all along. You can't "fix" it by finding some coding boo-boo. It is vulnerable when working AS DESIGNED. If you update the protocol, then it's not SSL 3.0 any more and all kinds of people get cut off from secure access to various servers until everybody is moved over to TLS.
You have two choices:
1) Remove SSL 3.0 protocol capability from ALL clients everywhere, or all servers everywhere, or go after both of them tearing it out. This will break the internet until all servers and clients support AND USE TLS.
2) Live with passwords and other secure data getting pwned right and left.
If you think I've misinterpreted the problem, please tell me exactly where.
How is that derangement syndrome thing working out for you?
[This is in FUN but it's strictly true] Listen sonny, when I was a kid you went to a GAS STATION to get gas (my father favored the Jenny station). The guy there wore a uniform and he ran out when your car drove over the pneumatic bell-ringer (ding-ding!). Regular people were not allowed to pump gas, and why would they want to when they did it free at the gas station> "I'll have five". "Will that be 5 gallons or 5 dollars?" "Check the oil, sir?" "Do the windshield?" "Could I have a map of the state please?"
It's legal tender. They will take it and like it, or I will call the cops.
So what? What stupid people do with their own security does not weaken my security. I don't throw the caps in at word breaks or syllable breaks. There is no law that says you have to be stupid.
I agree that password rules are for bozos. I don't use random caps, digits and symbols because some nazi tells me I have to. I use them because I care about security.
We can argue (and many will!) all day long over what exactly is Free and what is Open Source, but rather than go down that bottomless pit into pointlessness, anyone who is really interested can just read the TrueCrypt license for themselves. It's written in plain language, even if it is somewhat complicated. So it's not GPL and is not compatible with GPL. So fucking what. You can say the same about CDDL or a lot of others, which all give you a lot of freedom. If the code can't be subsumed into GPL, that is the problem of GPL aficionados, not of TrueCrypt's ghost.
I'll just touch on the basics.
You can modify the code, derive a new work, include all the code or selected parts of it in your own work, and you specifically are allowed to profit if you wish.
You have to sanitize your derived code of the word TrueCrypt, logos, website, etc.
You must display a specified phrase, basically "Based on TrueCrypt" and you must link to their webpage.
You have to make the complete source of your product available, just as the TrueCrypt source is.
You are not allowed to obfuscate the source code.
You have to use the unmodified TrueCrypt license only - this part it seems to me VeraCrypt is in blatant violation of, unless they received a special dispensation, which seems unlikely. On the other hand, AFAIK TrueCrypt never sued anyone yet, and they havn't sued VeraCrypt, so anyone can choose how far to stick their own neck out. Remember, RealCrypt went down this route a long time ago and nobody got sued over that.
Disclaimer - I'm not associated with TrueCrypt nor do I have any relationship with them, nor am I a lawyer, nor have I made a painstaking analysis of the license, but I don't see anyone starting a worthwhile discussion of the TrueCrypt license here, so I'm perfectly willing and naive enough to stick my neck out and start the ball rolling.
That's it in a nutshell. You want to tell me that's not "any free software license", go ahead and welcome to your strange interpretation. I myself am not hung up on terms. The license clearly allows VeraCrypt and/or anyone else to run with a derived project.
Nobody was ever going to brute force the original TrueCrypt.
Very true. But also, most people involved with linux development are not brainwashed sycophants of Red Hat Inc., Lennart Poettering, and systemd. The problem is with corporate interests fucking with the basic architecture of linux.
No, I don't expect software corporations to care a fig about either what I want, or about good design. I don't expect software corporations to EXIST. Linux is community developed and free. There is no reason whatsoever that the niche filled by ChromeOS could not be much better served by community development as well. With the soulless bean counters out of the way, we could then get a decent design and stop making stupid decisions.
"No one" may come close to describing statistically the portion of ChromeOS users expicitly demanding removable extx support, but "everyone" would be a pretty good description who want useful and effiicient removable storage support without STUPID LIMITATIONS.
Then god save us from companies and the market. Companies were always parasitic, but were the only way to get anything, other than individually contracting at prohibitive expense. Now, thank you open source, that is no longer the case. Software companies are an obsolete concept, and we are getting strong hints of the obsolescence of all capitalism.
I'm not an editor by trade, but my father (sports copy editor) was during my childhood 60 years ago. The original phrase and your proposed rephrasing both suffer from ambiguity. Does it mean (external disk drives) and (external SD cards), or does it mean (external disk drives) and (all SD cards)? Technically, the clued-in reader will conclude that it means any removable storage device, but he doesn't know that from context. He arrives at that from his knowledge of technical issues.
The way to concisely remove the ambiguity is just to rephrase it "SD cards and external disk drives".
Er, practically all monitors and TVs currently manufactured have LED backlights.
H. J. Round demonstrated visible (green) luminescence from a point contact on a silicon carbide crystal in 1907. That was quite a while before TI was founded, and before Holonyak's breakthrough.
Ah, but can you define "inventor of the LED"? H. J. Round for getting luminescence from silicon carbide in 1907? Oleg Losev for his demonstration in 1927? Rubin Braunstein who found infrared emission from gallium arsenide in 1955? Baird and Pittman for patenting an (infrared) "Semiconductor Radiant Diode" which was efficient in 1962? Holonyak for reporting the first visible red LED in 1962? Any recognition for M. George Craford for the first yellow LED and for bettering the efficiency by an order of magnitude in 1972? And for T. P. Pearsall for the first high brightness LEDs suitable for driving fiber optics in 1976? And whoever invented the first green LED? And of course the inventors of the blue LED?
I think Holonyak for first visible LED is certainly deserving, but the whole chain of discoveries and inventions was crucial to the LCD monitors and flatscreen TVs we enjoy today.
The same goes for the transistor. Lilienfeld filed for a patent on the FET in 1925, yet we all thought Bardeen, Shockley and Brattain were first in 1948. As it turned out, their bipolar transistor tech turned out in the long run to be completely eclipsed by the (MOS)FET.
That was a demonstration only and the junction temperature was an unrealistic 25 C, not 85 C, and the efficiency of the driver circuit is not included in the laboratory results. Maybe the process to produce the sample is phenomenally expensive, and maybe they had to pick through thousands of units to find one that hit the mark. Because how else do you explain that the Crees you can buy in the store only produce a piss poor 84 lumens per watt? Do they purposely market obsolete shit because they know they can get away with marketing obsolete shit, or are there possibly actual engineering and economic reasons they can't sell the good stuff?
I am well aware of how Mr. Limbaugh interprets the phrase "network neutrality", and that is, in a word, preposterously. I prefer that people inform themselves what the actual wording of the proposal is, rather than listen to what one-dimensional tools of either political false pole expounds in the form of propaganda.
Yet surely you can perceive what lack of net neutrality rules will do. They will raise speeds for providers with deep pockets and slow everybody else to a crawl. Is it not more useful to consider that than to call people who make your knee jerk fools?
Ha! If there is JUST ONE piece of software I would pay $30 for in a heartbeat, it would be a GOOD web browser. Because everything else I can get in superb form for zero expense: operating system, compiler, database system, word procesor, spreadsheet, etc. But I have given up hoping I can ever get even an ACCEPTABLE web browser for zero expense.
The onus is rather on you to prove, or at least support, your preposterous assertion.
As someone who has myself flirted with PARTS of the Con philosophy at times, I say to a bunch of nitwits: you are intellectually incapable of understanding this issue. It's not about what you think it's about. DAYUM, but Cons can be stupid. (And, I hasten to add, so can Libs. It has become all about warping EVERYTHING to fit one specific fixation).
If only they actually were desperate. In actuality, they are fat, self-confident, and virtually unchallenged.
But I don't trust the government, in the form of law enforcement or in any other form, to operate in terms of genuine best interest of the people. It's as simple as that. They are a bunch of cynical, power-drunk hooligans, elected by morons, and with their puppet strings controlled by entrenched unaccountable evil bastards.
Let's hear it for science. If brilliant scientists can defeat some of the excesses of this cancer on the people, I say hip hip hurray. Criminal elements have always been reachable using genuine backbreaking detective work, no matter how clever the criminals. I am not filled with fear to think that the next group of 19 hijackers, or child molesters if you MUST use the boogeyman du jour, will have unbreakable cryptography. I am more worried about the atmosphere that is breeding these deviants and causing them to thrive.