I agree with most of those comments. I particularly liked the approach to patents - it really does make the licence orthogonal to the patent status, and makes that explicit. Explicit is good.
I see one problem with the licence, though. It covers, very clearly, what I can do with the program itself, and with modified forms of the program; but it says incredibly little about what I can do in terms of taking parts of the program and using them in my own different programs.
If programs containing some IPL'd code count as derivative works of the IPL'd program and have to have the "Copyright IBM" notice on them, that's actually quite a lot less friendly than the GPL. I think that section of the licence would benefit from revision (if I've understood it correctly) or explanation (if I haven't).
I suppose if IBM are being as Good as people seem to think, I should just contact them and say this to their face. Anyone want to tell me whether I'm talking rubbish before I do so?
Good software engineers may already be aware of this sort of thing; I know as I read that book review I see things I've done and things I've wanted to do but not had the time and things I'm perfectly well aware of.
But that's not the primary value of a book like this. If the ideas were brand new and untested, they would be less valuable to have written down. The thing is that there are at least N+1 ways, for any given value of N, to re-engineer or refine or redesign a piece of code, and ideally you want to consider as many as possible before choosing which one to do. A book listing lots of them gives you a massive boost because it reduces the chance that you might overlook the one strategy that could be the biggest win. Think of it as a checklist: you may know, if you look in the fridge, that you have no milk, and as you walk around the house you may see any one of forty things you need to buy and they're all obvious to you, but you still make a shopping list when you go out because otherwise there's a good chance you'll forget at least one of them.
In addition, writing these down might help turn bad software engineers or learning software engineers into good software engineers. I think learning software engineers, if they're going to be good ones, probably are already subconsciously aware of these ideas and benefit from having them brought up into the conscious level and carefully reviewed.
It doesn't seem to me that it's difficult to see why this is more secure than the current scheme.
Your average credit card is insecure because an eavesdropper has got all the information they need to fake further transactions. With this system, one imagines that what would happen is that the transaction site sends you a challenge (e.g. a bit string) and the card swiper responds by preparing a response (e.g. encrypting the bit string using a private key stored on the card). By embedding a time stamp or unique identifier in the challenge, you ensure that an eavesdropper can't fake a transaction because they aren't allowed to use the same challenge/response pair and aren't able to manufacture the response to a new challenge to create a different one.
Better still, you can embed the amount of the transaction in the challenge too, and then the transaction site itself can't try to claim you authorised more money than you actually did.
This has been done before; I knew somebody once who worked for a company with a severely paranoid firewall. He could connect into the inside of the firewall from the outside, but only by using a little hand-held special crypto device. He'd telnet to the firewall machine, which would give him back a bunch of digits and he'd punch them into the device. The device would supply a response string of digits, which he typed back into the firewall and then it let him through.
The fact that you can't subdivide gold beyond the atom level has nothing to do with the axiom of choice. I could challenge you to carve a Mandelbrot set out of gold, and you couldn't do that, for the same reason: atoms provide a maximum resolution.
The axiom of choice is only required to distinguish between some of the things that atomic structure prevents you carving out of gold, and other things that atomic structure prevents you carving out of gold. It isn't that the AoC is inapplicable to real life in this instance: it's that real life doesn't let you get as far as the point where you find out whether you can apply the AoC in practice or not.
The AoC deals with uncountable things, but that isn't why it gets bad press as an axiom: lots of Cantor's stuff is far more widely accepted than the AoC even though it deals with uncountable things at least as much.
Actually, it seemed to me that a lot of the stories on that site had been submitted by female support engineers.
I have a feeling this might partly be because customers faced with a woman on the line are more likely not to believe she's competent. I've known women who complain about this... Admittedly that doesn't make much difference when the customer is actually stupid, but it would help explain some of the ones where the customer wrongly assumes the tech is stupid.
Then again, I could be wrong; maybe it's just that the ones submitted by women had a higher tendency to mention that, whereas those submitted by men didn't feel the need to state their gender? *shrug*
. . . was the part where they said "Do you find yourself dependent upon [list of things] food or eating?"
Man, if I don't eat pretty regular, you wouldn't believe what happens to my metabolism. I just gotta. I mean, I'm not addicted, not really, that's for wimps, but I dunno how I'd survive without food.
. . . well it is, of course:-) But it reminds me of a story a friend of mine told after he did work experience at a printing company.
His first task was to typeset a simple invitation card. So, with the supervisor guy watching over his shoulder, he fired up the DTP thing they had and started typing.
The supervisor immediately gasped and demanded to know how he'd done that. "That", it turned out, was typing the initial letter of a word in capitals.
This is really true. The entire (small) company had been unaware of the Shift key, and when they wanted things in caps they typed them in lowercase, selected the first letter, and selected All Caps from a drop-down menu. Always. Whenever caps were required.
The best bit is that after our guy explained what he'd done and how you ought to have noticed if you'd ever even used a typewriter, the supervisor thought about it for a bit and said "That's too complicated, I think. We'll just stick to the way we know."
The same argument, that if guns are outlawed, only outlaws will have guns, holds true for encryption, just as it does for all proscriptive laws.
Damn right. Outlawing encryption won't stop the terrorists from encrypting and thus make them easier to catch; the terrorists will just carry right on encrypting and everybody else will suffer the privacy loss.
The usual counter-argument to that is that you can then arrest the terrorists as soon as you catch them using encryption, and don't actually have to wait for them to e.g. blow up large numbers of people first; but one imagines that properly organised terrorists will just take the rap for encrypting and pass the actual job on to another cell which didn't get caught, which won't really slow them down very much.
Conclusion: outlawing encryption doesn't help nearly as much as it ought to against organised criminals such as the ones who can be bothered to plan ahead using encrypted communications, and thus isn't worth all the downsides.
that all must suffer a diminution of their rights because of the infractions of a few
Yeah. "Unless the person who did it owns up the entire class will stay behind after school!" Haven't any of these anti-encryption people noticed that we're not ten-year-old schoolchildren?
"Don't tell Grandma "I had to spank Johnie today because he won't quit biting his little sister" because someone may arrest you for child abuse."
On the other hand, definitely don't tell Grandma that you let Johnnie bite his little sister. I'm sure they'd work out a way to get you for that as well...
It makes an interesting point, though, that a Constitution is ultimately not sufficient to guarantee a country continuing to be run the way its founders wanted it run. As an Englishman I've always lived among people who can't see why the US gets so hung up about its Constitution; so I'm interested to know how much of the US agrees with the last paragraph...
The free speech thing can still work against this. Consider. I can currently take a proprietary product to Australia, reverse engineer it, and publish an interface description which people can re-implement to.
So, all a company needs to do is embed obscenities and hidden pornography in their application, and then it's illegal to download it in Australia in any case. Worse still, put obscenities in the fuc^Hnction names, so publishing the resulting interface description becomes illegal under Australian net censorship laws:-)
This is consistent. The US allows freedom for its own citizens to use strong encryption but does its (feeble and ineffectual) best to disallow export of that technology to the UK. The UK happily allows me to export my encryption software to the US (except that they can't use it, but never mind, the RSA patent will run out soon...) but might start getting antsy about me using it here.
Both sides want the US to do better than the UK. From my own country, I question the sanity of this...
(Incidentally, I find it interesting that the only post scored above 1 when I read this item was one asking whether the same thing could happen in the US. I wonder if the moderators have any interest in the UK at all? Should a thread about UK news possibly be moderated by UK people?)
One point I don't see having been made in the replies here: how does a new author get started?
Nobody's going to pay for my first novel if they don't know who I am or whether I'm likely to be any good. Try Before You Buy has completely bitten the dust, because nobody even gets to read reviews before committing their money.
I'd have to start by publishing a couple of novels completely for free, and once people had decided they liked them, then they might pay for a third. And can you imagine the hate mail I'd get if my third novel was rubbish, from the people who paid money for me to finish it?
Slashdot Mirror
I agree with most of those comments. I particularly liked the approach to patents - it really does make the licence orthogonal to the patent status, and makes that explicit. Explicit is good.
I see one problem with the licence, though. It covers, very clearly, what I can do with the program itself, and with modified forms of the program; but it says incredibly little about what I can do in terms of taking parts of the program and using them in my own different programs.
If programs containing some IPL'd code count as derivative works of the IPL'd program and have to have the "Copyright IBM" notice on them, that's actually quite a lot less friendly than the GPL. I think that section of the licence would benefit from revision (if I've understood it correctly) or explanation (if I haven't).
I suppose if IBM are being as Good as people seem to think, I should just contact them and say this to their face. Anyone want to tell me whether I'm talking rubbish before I do so?
Good software engineers may already be aware of this sort of thing; I know as I read that book review I see things I've done and things I've wanted to do but not had the time and things I'm perfectly well aware of.
But that's not the primary value of a book like this. If the ideas were brand new and untested, they would be less valuable to have written down. The thing is that there are at least N+1 ways, for any given value of N, to re-engineer or refine or redesign a piece of code, and ideally you want to consider as many as possible before choosing which one to do. A book listing lots of them gives you a massive boost because it reduces the chance that you might overlook the one strategy that could be the biggest win. Think of it as a checklist: you may know, if you look in the fridge, that you have no milk, and as you walk around the house you may see any one of forty things you need to buy and they're all obvious to you, but you still make a shopping list when you go out because otherwise there's a good chance you'll forget at least one of them.
In addition, writing these down might help turn bad software engineers or learning software engineers into good software engineers. I think learning software engineers, if they're going to be good ones, probably are already subconsciously aware of these ideas and benefit from having them brought up into the conscious level and carefully reviewed.
Either way, since when do laws have anything to do with the majority's opinion? I didn't even realise it had to do with anyone's opinion.
Well, the laws are made by the government which are voted in by the majority. I see that as having something to do with it; don't you?
It doesn't seem to me that it's difficult to see why this is more secure than the current scheme.
Your average credit card is insecure because an eavesdropper has got all the information they need to fake further transactions. With this system, one imagines that what would happen is that the transaction site sends you a challenge (e.g. a bit string) and the card swiper responds by preparing a response (e.g. encrypting the bit string using a private key stored on the card). By embedding a time stamp or unique identifier in the challenge, you ensure that an eavesdropper can't fake a transaction because they aren't allowed to use the same challenge/response pair and aren't able to manufacture the response to a new challenge to create a different one.
Better still, you can embed the amount of the transaction in the challenge too, and then the transaction site itself can't try to claim you authorised more money than you actually did.
This has been done before; I knew somebody once who worked for a company with a severely paranoid firewall. He could connect into the inside of the firewall from the outside, but only by using a little hand-held special crypto device. He'd telnet to the firewall machine, which would give him back a bunch of digits and he'd punch them into the device. The device would supply a response string of digits, which he typed back into the firewall and then it let him through.
The fact that you can't subdivide gold beyond the atom level has nothing to do with the axiom of choice. I could challenge you to carve a Mandelbrot set out of gold, and you couldn't do that, for the same reason: atoms provide a maximum resolution.
The axiom of choice is only required to distinguish between some of the things that atomic structure prevents you carving out of gold, and other things that atomic structure prevents you carving out of gold. It isn't that the AoC is inapplicable to real life in this instance: it's that real life doesn't let you get as far as the point where you find out whether you can apply the AoC in practice or not.
The AoC deals with uncountable things, but that isn't why it gets bad press as an axiom: lots of Cantor's stuff is far more widely accepted than the AoC even though it deals with uncountable things at least as much.
Mathematical pedantry over. Sorry.
Actually, it seemed to me that a lot of the stories on that site had been submitted by female support engineers.
I have a feeling this might partly be because customers faced with a woman on the line are more likely not to believe she's competent. I've known women who complain about this ... Admittedly that doesn't make much difference when the customer is actually stupid, but it would help explain some of the ones where the customer wrongly assumes the tech is stupid.
Then again, I could be wrong; maybe it's just that the ones submitted by women had a higher tendency to mention that, whereas those submitted by men didn't feel the need to state their gender? *shrug*
. . . was the part where they said "Do you find yourself dependent upon [list of things] food or eating?"
Man, if I don't eat pretty regular, you wouldn't believe what happens to my metabolism. I just gotta. I mean, I'm not addicted, not really, that's for wimps, but I dunno how I'd survive without food.
. . . well it is, of course :-) But it reminds me of a story a friend of mine told after he did work experience at a printing company.
His first task was to typeset a simple invitation card. So, with the supervisor guy watching over his shoulder, he fired up the DTP thing they had and started typing.
The supervisor immediately gasped and demanded to know how he'd done that. "That", it turned out, was typing the initial letter of a word in capitals.
This is really true. The entire (small) company had been unaware of the Shift key, and when they wanted things in caps they typed them in lowercase, selected the first letter, and selected All Caps from a drop-down menu. Always. Whenever caps were required.
The best bit is that after our guy explained what he'd done and how you ought to have noticed if you'd ever even used a typewriter, the supervisor thought about it for a bit and said "That's too complicated, I think. We'll just stick to the way we know."
The same argument, that if guns are outlawed, only outlaws will have guns, holds true for encryption, just as it does for all proscriptive laws.
Damn right. Outlawing encryption won't stop the terrorists from encrypting and thus make them easier to catch; the terrorists will just carry right on encrypting and everybody else will suffer the privacy loss.
The usual counter-argument to that is that you can then arrest the terrorists as soon as you catch them using encryption, and don't actually have to wait for them to e.g. blow up large numbers of people first; but one imagines that properly organised terrorists will just take the rap for encrypting and pass the actual job on to another cell which didn't get caught, which won't really slow them down very much.
Conclusion: outlawing encryption doesn't help nearly as much as it ought to against organised criminals such as the ones who can be bothered to plan ahead using encrypted communications, and thus isn't worth all the downsides.
that all must suffer a diminution of their rights because of the infractions of a few
Yeah. "Unless the person who did it owns up the entire class will stay behind after school!" Haven't any of these anti-encryption people noticed that we're not ten-year-old schoolchildren?
"Don't tell Grandma "I had to spank Johnie today because he won't quit biting his little sister" because someone may arrest you for child abuse."
On the other hand, definitely don't tell Grandma that you let Johnnie bite his little sister. I'm sure they'd work out a way to get you for that as well...
It makes an interesting point, though, that a Constitution is ultimately not sufficient to guarantee a country continuing to be run the way its founders wanted it run. As an Englishman I've always lived among people who can't see why the US gets so hung up about its Constitution; so I'm interested to know how much of the US agrees with the last paragraph...
So, all a company needs to do is embed obscenities and hidden pornography in their application, and then it's illegal to download it in Australia in any case. Worse still, put obscenities in the fuc^Hnction names, so publishing the resulting interface description becomes illegal under Australian net censorship laws :-)
Someone pointed out the other day that "technocrat" is an anagram of "trenchcoat". :-)
Both sides want the US to do better than the UK. From my own country, I question the sanity of this...
(Incidentally, I find it interesting that the only post scored above 1 when I read this item was one asking whether the same thing could happen in the US. I wonder if the moderators have any interest in the UK at all? Should a thread about UK news possibly be moderated by UK people?)
This must be some new meaning of the word "free" of which I was not previously aware.
Nobody's going to pay for my first novel if they don't know who I am or whether I'm likely to be any good. Try Before You Buy has completely bitten the dust, because nobody even gets to read reviews before committing their money.
I'd have to start by publishing a couple of novels completely for free, and once people had decided they liked them, then they might pay for a third. And can you imagine the hate mail I'd get if my third novel was rubbish, from the people who paid money for me to finish it?