As long as the CVS repository is still around, you can always check them out. I know FreeBSD's goes back to 2.0, which was the first unencumbered-by-AT&T release.
Thanks for the response, Eric. I was beginning to wonder if I'd gotten swallowed up in the flood of crap that's been posted to all the stories lately. One of these days I'm going to relocate to Advogato and stay there.:-/
XML parsers are readily available, and, as I mentioned above, can be quite small. As for percveived "limitations" on data types, any text-format data can be expressed as XML and sent through a message extension. For binary data, we use the jabber:x:oob (out-of-band data) extension to pass HTTP URIs for data retrieval, which keeps the data from having to be sent if the receiving client does not support binary attachments.
I'm not so sure that I'm comfortable with that. I know that with XML's namespace support, you can easily push XML-based formats inside of one another, but that strategy requires (AFAICT) anything that's not expressible in XML to be sent OOB. The OOB mechanism also would therefore require additional protocol support within the client, beefing its code up just a little more. If I'm understanding it correctly, it also offers a security risk where a sniffer could grab his own copy of the OOB file.
I would instead implement an inband message send/ack/reject strategy for short messages; and for larger messages or files, an offer/accept/reject message strategy that could transfer content either on the same channel (blocking further messages) or another channel, but without the overhead of additional transfer protocols.
First of all, Jabber already supports SSL connections (via the OpenSSL library) for transparent transport-layer encryption. The only drawback here is that not many Jabber clients support SSL.
This is cool, but it is not the be-all and end-all. I've been over the protocol on a few occasions in the past and I just recently looked at the whitepaper. I don't believe this addresses the issue of how a client attached to one server can authenticate itself to another server to the point of being able to subscribe to presence changes of a user of the latter server. If you had even a simple DSA implementation, you could have the user of the latter server say "I'll accept requests from this public key, this public key, etc." and authenticate based on that.
But it's not going to be supported until it can be done right, as it's my belief that poorly-done crypto support is worse than no crypto at all.
I admire you for taking this stand.
And I might also point out that competing protocols either use no encryption, or use something that's a total joke in terms of real security (e.g., ICQ).
This is a fault of those protocols, and something that needs to be corrected by competing proposals. I respectfully submit that it is not an excuse to not implement cryptographic security and authentication. US policy is a pretty darned good excuse, on the other hand.:-/
Jabber may be open, and it may be a step in the correct direction (each domain runs their own service, which scales a heck of a lot better to the global Internet), but it's really, really icky on the inside.
XML is a bad choice for protocol messages. The use of XML carries far too much baggage for a lightweight/automated implementation. I've been thinking for some time about how a good Internet-wide IM system could be used not just to send silly chat messages back and forth, but also to be a method for client-server interaction. The XML message format requires each piece of software to contain an XML parser and also (from what I've seen) limits the kinds of data you can send back and forth. Why not do what HTTP does -- not care about the content, just specify a header format and let arbitrarily formatted data be attached?
In addition, Jabber makes the unfortunate choice of not wanting anything to do with crypto on the protocol level; instead, it wants client folk to slap OpenPGP on top of it. This is another bad decision in two ways:
No cryptographic way of proving to a server that a person who is requesting status (online/offline/etc) information is who they say they are.
OpenPGP is designed for messages where there is no handshaking involved, and it generates and exchanges a new secret key for each message. If a long-lived conversation will be taking place, then only one secret key needs to be generated and exchanged in the session. Much more efficient.
That said, it's probably the best we've got right now, and in their favor, the Jabber folk have worked on this for a long time. I do respect them and their efforts (it's a rare open source project that is built to be more than just a copycat of some other software). I'm just not sure what they've come up with is what we need.
Re:not that new an idea
on
Geek Flavor
·
· Score: 1
When I read the article this morning, the first thing that popped into my mind was wiki as well. I didn't get a chance to see this "geekflavor" (really, what an idiotic name) site, but I'd wager it really wasn't anything to write home about. When it comes down to it, nothing even comes close to wiki.
They continue to support Apple, even though in doing so, they are limiting themselves to the second rate. In a similar way some people install Netscape Communicator on Windows 2000, despite the fact that IE is vastly superior, citing the reason "Because I hate MS!"
Oh, please. There's nothing inherent about any operating system that makes it ``superior'' for all people and all applications. There are generally-accepted things that MacOS is lacking, but if a user doesn't need them, why force them upon him?
Likewise, I use Netscape Communication because I choose to. I'm much more familiar with it, and I would rather a piece of software which largely does what I tell it to than something like IE that is convinced that it's smarter than me and tries to surprise me at every turn.
I agree. I find X quite useful, and am adamantly opposed to throwing it out.
My biggest fear is that if we do throw X out, we're going to end up with a Linux-only in-kernel graphics subsystem, unportable and incompatible with everything. Let's not also forget we'd also throw out a whole hell of a lot of existing code.
If folks are so keen on reinventing the wheel, take a lesson from Transmeta. Invent a lightweight windowing system that can "morph" itself into different flavors. Have it be able to speak the X protocol through a heavyweight plugin if need be. Maybe it could speak other protocols for different platforms, too.
Really, this is not that difficult to combat, considering how good Mozilla really is -- and therefore Netscape 6 will be.
Anyone who cares a whit about the issue: start designing your own sites now to use only standard technologies (XML/CSS/DOM) as far as Mozilla will let you. Mozilla itself has a few things that are non-standard -- don't be tempted!
Worried that this will lock you out of MS's 86%? Never fear. Sniff the browser in your configuration file and return the exact same code, except with the tag stripped out, when IE-anything or Mozilla tag was new. Both people can still use your site without problems, of course.
It sure beats maintaining two separate versions of your site -- which is what you'll have to do when AOL merges Gecko into their next major rev. The reason it's worth waiting for standards is because CSS, when properly used, is nice like that.
You know, I had a similar experience back when I used to use Linux. I want to float an idea here. This particular situation might be more Linux's fault than the vendor's.
Linux has had a rather sad history of making incompatible changes from version to version just for the sake of making changes. It wouldn't even be so bad if you could just recompile and move on -- but in a disturbing number of situations, you can't even do that.
I will add one thing, too, at the risk of being labeled a troll: I hear cheers from the Linux-using populace when hardware vendors grumble about having to rewrite their drivers for Win2k. I hear angry self-righteous posturing when hardware vendors don't even know (and whose fault is that?) that they have to rewrite their drivers for the next major kernel revision.
Give a child any of the myriad of pieces of babysittingware out there (read: most "educational" software), add a teacher to maintain decorum, and you will have achieved the functional equivalent of dropping a kid in front of Barney for an hour with a parent in the other room.
Give a child a calculator to do his math and a word processor to typeset his documents without a teacher who understands how to program the calculator or how to use a word processor as more than a typewriter and you have achieved nothing more than can be done with paper and pencil. In some cases, you have achieved less, as your student now knows a little less about how math really works than he would know otherwise.
Give a child a programming language (even a simple one), let them use the computer as a tool to achieve their means -- and have a teacher who understands this tool completely -- and you have achieved education.
Making digital signatures legally binding scares the shit out of me.
Let's face it -- 99% of the populace, whether they use Windows (and I'm sure Microsoft will be so kind as to provide a VBScript hook for signing documents or at least publishing private keys, so that virus writers will have a new source of fun), or whether they use Linux (how many desktop-role Linux boxen do you know of that you would consider 100% secure?) is operating insecurely. And that insecurity is going to spell trouble if digital signatures are legally binding, because it opens up a whole new class of forgeries.
Let's pretend, for a moment, that most programmers are good at implementing cryptography and would never, ever write a program that allowed a key to be compromised by its use. (Hell, I don't trust any programs I write with my private keys.) Even if you've got good cryptography software, where you store your keys is probably going to be compromisable by an enterprising cracker.
Before anyone even considers making digital signatures legally binding, how about requiring this binding to only take effect if the document was signed by an approved smart card? Make it a parameter of the signature, and make it illegal to write software or create unapproved smart cards that set that parameter.
He does have a bit of a point that Linux has mostly been about copying others.
I'll drink to that. Linux's supposed crowning achievement -- GNOME -- is very nice but deep down it's just a clone. It just looks prettier than what it's cloning. I got all excited about Evolution a few months ago; then I went and looked at it when Helix did the PR. I'm thinking, ``wow, look, Helix is porting Outlook to GNOME.''. Not exactly exciting or innovative.
I wondered in a thread back when the Beanie Awards were announced -- where's the category for best new thing in the open source world? All I see are reimplementations. Then again, I guess that's what GNU always did -- take existing stuff, rewrite it, and bloat it.
One example of a remote access system is shown in U.S. Pat. No. 5,124,909 (Blakely et al., June, 1992). Therein, requester processes run on a local host, and are used to translate local host commands into commands understood by the remote host. Such a system is illustrative of the types of systems which must be continually updated, on local computers, because improvements in information service software result in new versions of such software. These new versions must be obtained, usually including a purchase cost, for and installed on each local computer. This is known as the "software maintenance burden".
If he thinks he's patenting the Web, then he's very, very mistaken. Last time I checked, I had to continually update my browser. It's not quite as much of one as used to exist in the past, but it's still definitely a "software maintenance burden".
Warning: this posting will reach no conclusion. Read it at your own risk.:-)
My first reaction to this was ``this is bullshit'', quite frankly. I have worked at ISPs for a couple years now, and have been a user of Usenet for almost seven years (although I've waned somewhat recently). My first reaction is that it's patently ridiculous to sue Demon over this. They should be under no obligation to remove any material. Usenet should always be taken with a grain of salt, anyway; and if Dr. Godfrey is so hot about forgeries, he should sign all his messages with PGP.
But then again, I think that someone must take some sort of action. Let's face it, digital signature technology is never going to take hold (considering even IPv6 is stalemated like crazy over here in the US), and unless we wipe the current Internet technology from the face of Earth and start anew, we'll never have assurances that forgeries are in the very least rare. Regrettably, the herd is full of people who don't have a clue that messages even can be forged, and they'll believe anything they see coming up on their screen. I doubt we could educate them about forgeries considering the fact that I see a new mass-forward-to-get-free-stuff spam every other week.
Something else I'm worrying about, which is close to OT, is that even if we did deploy mandatory digital signatures for everyone, the majority of the Internet herd would never be able to comprehend it and insecure PCs would be compromising keys left and right -- so it would be, in a word, ineffectual.
Where does this all leave us? I'm not really sure. It concerns me to see precedent like this, especially considering the hordes of bloodthirsty lawyers over here in the US grinning with glee at the idea of such a case.
The Internet has indeed blessed us with a glimpse of what free speech truly is. Unfortunately, as our audience grows wider, it seems to get less free.
Just like the Frauhofer patents have prevented the distribution of MP3 encoding software? OK, so I know the situation is slightly different for MP3, but it's incredibly difficult to prevent the spread of software whose time has come, legal or not...
You'll get no argument from me on this; hence the word ``legal'' as a qualifier in my original statement. The RSA patent says you can't use non-RSA libraries in the US (at least until September 20, I'm having a party that day, btw) but that hasn't stopped quite a bit of SSL software from being distributed illegally in the US...
I'm a little wary of this one. Let's see if M$ has added some kind of contract agreement barring RealNetworks from producing a Linux Version.
I have to admit that my paranoia kicked in on this one as well. Let's face it, it can only help free/.+n.x/ to support WMF, especially considering that quite a bit of the content out there is now WMF-only (sigh). Knowing that M$'s drive is to get more clients out there, since that's really their moneymaker (their push for servers is primarily to let them leverage more clients), I'd be surprised if they'd sit passively by while a WMF player was created for Linux. Very surprised.
By free, I assume you mean open. The problem with open codecs is (at least in the eyes of content providers) copy protection. They see an inability to save streamed RealAudio/ReadVideo, and are happy because their copyrighted works aren't being distributed around the net.
True, but wasn't it the case, at least in the past, that versions of RealPlayer Plus had a ``VCR'' feature where you could record and replay live Real streams? I could be wrong; I never actually bought RealPlayer Plus:-)
An open codec would allow anyone to save the streamed data to a file for later use. In actual fact, the current closed codecs only provide security through obscurity anyway, and will eventually be compromised.
Yeah, it would be compromised, but given the patents on codecs, you'd never be able to distribute the software legally. I hate to say it, but it's pretty damned effective protection.
Are the specifications available for using the RealPlayer shared objects? Probably the
best thing RealPlayer could do (presuming they don't want to release source for their protocol) is release the shared objects and documentation on how to use them, and let the community make grealplayer and krealplayer. This would save them having to keep up the whole interface side of the application, they'd just need to release the codecs.
This is a cool idea, but is it compatible with either the letter or the spirit of the GPL? I'd say no, at least on the second count. And krealplayer, if it was linked against Qt 1.x, would have to be GPL. I don't care to start a license flamewar, but this is one of the unfortunate side-effects of the GPL, and why I (generally) won't use it in my own projects.
The vast majority of it is useless, buggy and there are scads of inconsistencies to be found in each and every one when it comes to user interfaces.
And I must say to you that large swathes of Linux software I've seen that's been put out by ``independents'' (i.e. not the large groups like KDE, GNOME, etc. or the more well-known programmers) falls into the same category. The difference is that it generally does not force you to click through a plea for money before you use it.:-)
There are hordes of people out there who will do a bad job with any tool. I believe that a bad tool (and I think VB is a bad tool for quite a bit of stuff) will be passed over by a good person.
I started reading the article and couldn't help but notice that some of the syntax complaints that the author has for VB are also at least similar to the ``accepted'' way to code in Perl, if you've spent any time reading the documentation.
Thankfully, Perl doesn't (usually) force you to do it that way; but it sure could do with fewer multisymantic expressions (how many things do parentheses do in your language?):-)
I've read all the comments on this article, and visited a few links. There's quite a few rumors and half-truths going around, so I won't try to address most of them. I will, however, address the simple act of trying to close off the device classes.
If we look back on the path computing has taken over the past two decades, we see it littered with dead technology. What does most of this dead technology have in common? At one point or another, it was closed off. Ridiculous fees were charged for redistribution of specifications. Those who paid were prohibited from sharing their information with anyone but the others who paid, and sometimes not even them.
By contrast, if the steward of a particular technology practices open computing, whether the technology lives or dies depends on technological rather than political (and no, I don't mean governmental) merits. If these stewards need money; it would stand to reason that whomever stood to benefit from the technology's wide adoption should contribute more to it in the hopes that their investments would be returned.
USB's move here could undermine its previously open stance, and that would be a bad thing for USB. I hope they reevaluate it. USB is a very useful technology in its own right and need not be squelched in this manner.
Oh, and I can't pass up contributing to a USB thread without telling you that salespeople in a local electronics store recently told one of my friends that the USB port on some home entertainment equipment was for the brand-spankin'-new ``Universal Stereo Bus''.:-)
First of all, I'm pro-open-computing as well as pro-open-source, and also a rather firm believer in laissez-faire for most business. I've also spotted many trolls in my moderation runs and marked them as such -- they're easy to spot. They're the same type as the hot grits/Natalie/etc. AC; they aren't here to debate but rather here to draw attention to themselves.
This guy came out with guns blazing but was not trolling. Being actively anti-open-source does not a troll make. I am grateful for his opinion, even though I don't agree. If anything, he's demonstrated that he's pro-open-debate.:-)
I'm a subscriber to CRYPTO-GRAM; I suggest anyone who cares at all about security subscribe as well. Bruce is a true luminary in his field and usually when he points something out, it's worth looking into.
That said, I quickly read the nCipher bit this morning when CRYPTO-GRAM arrived. The first few paragraphs had me nodding and saying ``preach on, brother'' (under my breath of course; when I do it out loud my wife looks at me strangely...) But the remaining examples led me to believe that perhaps Bruce had written himself in a corner and was desperately trying to close his essay with nothing else to say.
nCipher is an example of an extreme that is easy for everyone to point out and understand. But the rest of Bruce's article left me saying ``so what?'', especially when peppered with constant ``I am probably the last person to say this, but...''s and ``I normally don't condemn this, but...''s. It left me feeling that the problem he highlights really isn't as widespread as he wanted to make it out to be.
My advice, Bruce: continue to highlight the insane for our benefit; but don't beat a subject after it's dead. (``We will kill you until you are dead!''):-)
The "child learning to read" analogy is way off base.
Agreed. I would say that the teacher would be 100% in their right to laugh at the child if the child turned around, and with an air of unquestionable sincerity yelled at him that he didn't have to understand nouns and verbs and spelling and punctuation -- he just wanted to read! After all, what do his parents pay the teacher for?
Maybe if clueless newbies (and I use that term with no trace of apology) took the time to attend sessions with actual computer trainers instead of expecting everything to be handed to them on a silver platter for 7 bucks a month, there would be less making fun going on. The indignancy of newbies when computer software doesn't work the way they expect it to can be very humorous. If I were an automobile manufacturer, I'd find it pretty damn funny if a customer came up to me and told me that I should just make the cars fly instead of go on the road, because driving on roads is just plain tedious. Oh, and it should still get the same MPG.
Mr. Kurtz totally misses the point here. He seems to me to be yet another in the long line of people who are greatly offended by this or that and insists on not laughing as loudly as he can. Frankly, I'm sick of his type, and I wish they would crawl back under the rock from whence they came.
Seems to me that a large portion of the Open Source stuff out there is just rewriting things that've already been invented. The people who are inventing new things don't get the attention they deserve.
Why not give an award for new ideas? If Open Source wants to survive, it needs to innov... inn... innova... invent new things. (Sorry, couldn't bring myself to say it... the term has been tarnished forever...)
Slashdot Mirror
As long as the CVS repository is still around, you can always check them out. I know FreeBSD's goes back to 2.0, which was the first unencumbered-by-AT&T release.
Thanks for the response, Eric. I was beginning to wonder if I'd gotten swallowed up in the flood of crap that's been posted to all the stories lately. One of these days I'm going to relocate to Advogato and stay there. :-/
I'm not so sure that I'm comfortable with that. I know that with XML's namespace support, you can easily push XML-based formats inside of one another, but that strategy requires (AFAICT) anything that's not expressible in XML to be sent OOB. The OOB mechanism also would therefore require additional protocol support within the client, beefing its code up just a little more. If I'm understanding it correctly, it also offers a security risk where a sniffer could grab his own copy of the OOB file.
I would instead implement an inband message send/ack/reject strategy for short messages; and for larger messages or files, an offer/accept/reject message strategy that could transfer content either on the same channel (blocking further messages) or another channel, but without the overhead of additional transfer protocols.
This is cool, but it is not the be-all and end-all. I've been over the protocol on a few occasions in the past and I just recently looked at the whitepaper. I don't believe this addresses the issue of how a client attached to one server can authenticate itself to another server to the point of being able to subscribe to presence changes of a user of the latter server. If you had even a simple DSA implementation, you could have the user of the latter server say "I'll accept requests from this public key, this public key, etc." and authenticate based on that.
I admire you for taking this stand.
This is a fault of those protocols, and something that needs to be corrected by competing proposals. I respectfully submit that it is not an excuse to not implement cryptographic security and authentication. US policy is a pretty darned good excuse, on the other hand. :-/
Jabber may be open, and it may be a step in the correct direction (each domain runs their own service, which scales a heck of a lot better to the global Internet), but it's really, really icky on the inside.
XML is a bad choice for protocol messages. The use of XML carries far too much baggage for a lightweight/automated implementation. I've been thinking for some time about how a good Internet-wide IM system could be used not just to send silly chat messages back and forth, but also to be a method for client-server interaction. The XML message format requires each piece of software to contain an XML parser and also (from what I've seen) limits the kinds of data you can send back and forth. Why not do what HTTP does -- not care about the content, just specify a header format and let arbitrarily formatted data be attached?
In addition, Jabber makes the unfortunate choice of not wanting anything to do with crypto on the protocol level; instead, it wants client folk to slap OpenPGP on top of it. This is another bad decision in two ways:
That said, it's probably the best we've got right now, and in their favor, the Jabber folk have worked on this for a long time. I do respect them and their efforts (it's a rare open source project that is built to be more than just a copycat of some other software). I'm just not sure what they've come up with is what we need.
When I read the article this morning, the first thing that popped into my mind was wiki as well. I didn't get a chance to see this "geekflavor" (really, what an idiotic name) site, but I'd wager it really wasn't anything to write home about. When it comes down to it, nothing even comes close to wiki.
Oh, please. There's nothing inherent about any operating system that makes it ``superior'' for all people and all applications. There are generally-accepted things that MacOS is lacking, but if a user doesn't need them, why force them upon him?
Likewise, I use Netscape Communication because I choose to. I'm much more familiar with it, and I would rather a piece of software which largely does what I tell it to than something like IE that is convinced that it's smarter than me and tries to surprise me at every turn.
Give your proselytizing a rest, ok?
I agree. I find X quite useful, and am adamantly opposed to throwing it out.
My biggest fear is that if we do throw X out, we're going to end up with a Linux-only in-kernel graphics subsystem, unportable and incompatible with everything. Let's not also forget we'd also throw out a whole hell of a lot of existing code.
If folks are so keen on reinventing the wheel, take a lesson from Transmeta. Invent a lightweight windowing system that can "morph" itself into different flavors. Have it be able to speak the X protocol through a heavyweight plugin if need be. Maybe it could speak other protocols for different platforms, too.
HTML formatting bit me. Sigh.
I meant to say, strip the STYLE tag out.
That's what I get for writing on wikis all the time... :-)
Really, this is not that difficult to combat, considering how good Mozilla really is -- and therefore Netscape 6 will be.
Anyone who cares a whit about the issue: start designing your own sites now to use only standard technologies (XML/CSS/DOM) as far as Mozilla will let you. Mozilla itself has a few things that are non-standard -- don't be tempted!
Worried that this will lock you out of MS's 86%? Never fear. Sniff the browser in your configuration file and return the exact same code, except with the tag stripped out, when IE-anything or Mozilla tag was new. Both people can still use your site without problems, of course.
It sure beats maintaining two separate versions of your site -- which is what you'll have to do when AOL merges Gecko into their next major rev. The reason it's worth waiting for standards is because CSS, when properly used, is nice like that.
This is my plan for the next version of my site.
You know, I had a similar experience back when I used to use Linux. I want to float an idea here. This particular situation might be more Linux's fault than the vendor's.
Linux has had a rather sad history of making incompatible changes from version to version just for the sake of making changes. It wouldn't even be so bad if you could just recompile and move on -- but in a disturbing number of situations, you can't even do that.
I will add one thing, too, at the risk of being labeled a troll: I hear cheers from the Linux-using populace when hardware vendors grumble about having to rewrite their drivers for Win2k. I hear angry self-righteous posturing when hardware vendors don't even know (and whose fault is that?) that they have to rewrite their drivers for the next major kernel revision.
Computers are useless without computer teachers.
Give a child any of the myriad of pieces of babysittingware out there (read: most "educational" software), add a teacher to maintain decorum, and you will have achieved the functional equivalent of dropping a kid in front of Barney for an hour with a parent in the other room.
Give a child a calculator to do his math and a word processor to typeset his documents without a teacher who understands how to program the calculator or how to use a word processor as more than a typewriter and you have achieved nothing more than can be done with paper and pencil. In some cases, you have achieved less, as your student now knows a little less about how math really works than he would know otherwise.
Give a child a programming language (even a simple one), let them use the computer as a tool to achieve their means -- and have a teacher who understands this tool completely -- and you have achieved education.
Making digital signatures legally binding scares the shit out of me.
Let's face it -- 99% of the populace, whether they use Windows (and I'm sure Microsoft will be so kind as to provide a VBScript hook for signing documents or at least publishing private keys, so that virus writers will have a new source of fun), or whether they use Linux (how many desktop-role Linux boxen do you know of that you would consider 100% secure?) is operating insecurely. And that insecurity is going to spell trouble if digital signatures are legally binding, because it opens up a whole new class of forgeries.
Let's pretend, for a moment, that most programmers are good at implementing cryptography and would never, ever write a program that allowed a key to be compromised by its use. (Hell, I don't trust any programs I write with my private keys.) Even if you've got good cryptography software, where you store your keys is probably going to be compromisable by an enterprising cracker.
Before anyone even considers making digital signatures legally binding, how about requiring this binding to only take effect if the document was signed by an approved smart card? Make it a parameter of the signature, and make it illegal to write software or create unapproved smart cards that set that parameter.
I'll drink to that. Linux's supposed crowning achievement -- GNOME -- is very nice but deep down it's just a clone. It just looks prettier than what it's cloning. I got all excited about Evolution a few months ago; then I went and looked at it when Helix did the PR. I'm thinking, ``wow, look, Helix is porting Outlook to GNOME.''. Not exactly exciting or innovative.
I wondered in a thread back when the Beanie Awards were announced -- where's the category for best new thing in the open source world? All I see are reimplementations. Then again, I guess that's what GNU always did -- take existing stuff, rewrite it, and bloat it.
This paragraph caught my eye:
If he thinks he's patenting the Web, then he's very, very mistaken. Last time I checked, I had to continually update my browser. It's not quite as much of one as used to exist in the past, but it's still definitely a "software maintenance burden".
Warning: this posting will reach no conclusion. Read it at your own risk. :-)
My first reaction to this was ``this is bullshit'', quite frankly. I have worked at ISPs for a couple years now, and have been a user of Usenet for almost seven years (although I've waned somewhat recently). My first reaction is that it's patently ridiculous to sue Demon over this. They should be under no obligation to remove any material. Usenet should always be taken with a grain of salt, anyway; and if Dr. Godfrey is so hot about forgeries, he should sign all his messages with PGP.
But then again, I think that someone must take some sort of action. Let's face it, digital signature technology is never going to take hold (considering even IPv6 is stalemated like crazy over here in the US), and unless we wipe the current Internet technology from the face of Earth and start anew, we'll never have assurances that forgeries are in the very least rare. Regrettably, the herd is full of people who don't have a clue that messages even can be forged, and they'll believe anything they see coming up on their screen. I doubt we could educate them about forgeries considering the fact that I see a new mass-forward-to-get-free-stuff spam every other week.
Something else I'm worrying about, which is close to OT, is that even if we did deploy mandatory digital signatures for everyone, the majority of the Internet herd would never be able to comprehend it and insecure PCs would be compromising keys left and right -- so it would be, in a word, ineffectual.
Where does this all leave us? I'm not really sure. It concerns me to see precedent like this, especially considering the hordes of bloodthirsty lawyers over here in the US grinning with glee at the idea of such a case.
The Internet has indeed blessed us with a glimpse of what free speech truly is. Unfortunately, as our audience grows wider, it seems to get less free.
You'll get no argument from me on this; hence the word ``legal'' as a qualifier in my original statement. The RSA patent says you can't use non-RSA libraries in the US (at least until September 20, I'm having a party that day, btw) but that hasn't stopped quite a bit of SSL software from being distributed illegally in the US...
I have to admit that my paranoia kicked in on this one as well. Let's face it, it can only help free /.+n.x/ to support WMF, especially considering that quite a bit of the content out there is now WMF-only (sigh). Knowing that M$'s drive is to get more clients out there, since that's really their moneymaker (their push for servers is primarily to let them leverage more clients), I'd be surprised if they'd sit passively by while a WMF player was created for Linux. Very surprised.
True, but wasn't it the case, at least in the past, that versions of RealPlayer Plus had a ``VCR'' feature where you could record and replay live Real streams? I could be wrong; I never actually bought RealPlayer Plus :-)
Yeah, it would be compromised, but given the patents on codecs, you'd never be able to distribute the software legally. I hate to say it, but it's pretty damned effective protection.
This is a cool idea, but is it compatible with either the letter or the spirit of the GPL? I'd say no, at least on the second count. And krealplayer, if it was linked against Qt 1.x, would have to be GPL. I don't care to start a license flamewar, but this is one of the unfortunate side-effects of the GPL, and why I (generally) won't use it in my own projects.
And I must say to you that large swathes of Linux software I've seen that's been put out by ``independents'' (i.e. not the large groups like KDE, GNOME, etc. or the more well-known programmers) falls into the same category. The difference is that it generally does not force you to click through a plea for money before you use it. :-)
There are hordes of people out there who will do a bad job with any tool. I believe that a bad tool (and I think VB is a bad tool for quite a bit of stuff) will be passed over by a good person.
Hmmm.
I started reading the article and couldn't help but notice that some of the syntax complaints that the author has for VB are also at least similar to the ``accepted'' way to code in Perl, if you've spent any time reading the documentation.
Thankfully, Perl doesn't (usually) force you to do it that way; but it sure could do with fewer multisymantic expressions (how many things do parentheses do in your language?) :-)
I've read all the comments on this article, and visited a few links. There's quite a few rumors and half-truths going around, so I won't try to address most of them. I will, however, address the simple act of trying to close off the device classes.
If we look back on the path computing has taken over the past two decades, we see it littered with dead technology. What does most of this dead technology have in common? At one point or another, it was closed off. Ridiculous fees were charged for redistribution of specifications. Those who paid were prohibited from sharing their information with anyone but the others who paid, and sometimes not even them.
By contrast, if the steward of a particular technology practices open computing, whether the technology lives or dies depends on technological rather than political (and no, I don't mean governmental) merits. If these stewards need money; it would stand to reason that whomever stood to benefit from the technology's wide adoption should contribute more to it in the hopes that their investments would be returned.
USB's move here could undermine its previously open stance, and that would be a bad thing for USB. I hope they reevaluate it. USB is a very useful technology in its own right and need not be squelched in this manner.
Oh, and I can't pass up contributing to a USB thread without telling you that salespeople in a local electronics store recently told one of my friends that the USB port on some home entertainment equipment was for the brand-spankin'-new ``Universal Stereo Bus''. :-)
First of all, I'm pro-open-computing as well as pro-open-source, and also a rather firm believer in laissez-faire for most business. I've also spotted many trolls in my moderation runs and marked them as such -- they're easy to spot. They're the same type as the hot grits/Natalie/etc. AC; they aren't here to debate but rather here to draw attention to themselves.
This guy came out with guns blazing but was not trolling. Being actively anti-open-source does not a troll make. I am grateful for his opinion, even though I don't agree. If anything, he's demonstrated that he's pro-open-debate. :-)
I'm a subscriber to CRYPTO-GRAM; I suggest anyone who cares at all about security subscribe as well. Bruce is a true luminary in his field and usually when he points something out, it's worth looking into.
That said, I quickly read the nCipher bit this morning when CRYPTO-GRAM arrived. The first few paragraphs had me nodding and saying ``preach on, brother'' (under my breath of course; when I do it out loud my wife looks at me strangely...) But the remaining examples led me to believe that perhaps Bruce had written himself in a corner and was desperately trying to close his essay with nothing else to say.
nCipher is an example of an extreme that is easy for everyone to point out and understand. But the rest of Bruce's article left me saying ``so what?'', especially when peppered with constant ``I am probably the last person to say this, but...''s and ``I normally don't condemn this, but...''s. It left me feeling that the problem he highlights really isn't as widespread as he wanted to make it out to be.
My advice, Bruce: continue to highlight the insane for our benefit; but don't beat a subject after it's dead. (``We will kill you until you are dead!'') :-)
Agreed. I would say that the teacher would be 100% in their right to laugh at the child if the child turned around, and with an air of unquestionable sincerity yelled at him that he didn't have to understand nouns and verbs and spelling and punctuation -- he just wanted to read! After all, what do his parents pay the teacher for?
Maybe if clueless newbies (and I use that term with no trace of apology) took the time to attend sessions with actual computer trainers instead of expecting everything to be handed to them on a silver platter for 7 bucks a month, there would be less making fun going on. The indignancy of newbies when computer software doesn't work the way they expect it to can be very humorous. If I were an automobile manufacturer, I'd find it pretty damn funny if a customer came up to me and told me that I should just make the cars fly instead of go on the road, because driving on roads is just plain tedious. Oh, and it should still get the same MPG.
Mr. Kurtz totally misses the point here. He seems to me to be yet another in the long line of people who are greatly offended by this or that and insists on not laughing as loudly as he can. Frankly, I'm sick of his type, and I wish they would crawl back under the rock from whence they came.
Seems to me that a large portion of the Open Source stuff out there is just rewriting things that've already been invented. The people who are inventing new things don't get the attention they deserve.
Why not give an award for new ideas? If Open Source wants to survive, it needs to innov... inn... innova... invent new things. (Sorry, couldn't bring myself to say it... the term has been tarnished forever...)