It's also possible the old client may just run the install for the new one (and let the new one run the old one's uninstaller), but in any case everything's under the old client's control as much as possible. Never does the remote server tell it what to delete.
Come on, think a little. If it can download an entire application over the net and then install it, that means it can run arbitrary code. In particular, it can delete whatever the user running it has permission to delete. There simply is no meaningful sense in which you could restrict the code to do less on a standard Windows machine.
The only way you can prevent that is to have some separate piece of software, certified to be good by an independent entity, verify that all the operations requested by the package install/upgrade make sense and do the install for the software. But Windows and Macintosh seem to be lacking such an independent piece of software, and the Linux package systems also still run arbitrary scripts as root.
Most auto-update are in fact initiated from the client, not the server. Usually something like
Again, you are confusing the mechanism they chose (server-push of updates) and its security problems with what you actually find in the code.
1) client looks for new version 2) client downloads new version 3) client check digital signature of download 4) client runs temp program 5) temp program uninstalls old client and installs new.
Yes, and a client that updates itself that way will still appear to contain code to delete arbitrary files somewhere in it. It just happens to be less likely that that code is used to actually delete things it shouldn't delete.
Yes, it falsifies Newtonian mechanics, which came before, though.
That is correct. But we already knew that Newtonian mechanics was wrong, both experimentally and because it is logically inconsistent.
So yup, it's just another data point to give a bit more confidence in theories that are previously held with reasonable conviction anyway.
Confidence compared to what? What alternative theories was this experiment designed to rule out? If you don't have any alternative theories, you don't gain any information from an experiment whose results agree with your theory.
There are also relative degrees of this, however. The logic that SCO appears to be following is that once infringement commences, it cannot cease, despite any efforts to the contrary. While past acts cannot be revoked and legal responsability remains, they are making it impossible to prevent future infringement.
There are two simple ways in which any company can always prevent future infringement: stop distributing the offending material or obtain a proper license.
To follow similar logic, say you're photocopying a book, and the book's author tells you to stop -- if you do, then the author can't acrue more damages past that point. SCO would prefer to believe the contrary, it appears.
But SGI, according to SCO keeps copying the book: they keep distributing what SCO claims is derived code. We both may disagree with the logic that SCO uses to claim that the code is derived, but if it's derived, it's sensible for them to do what they are doing.
No, the core question is whether SCO's argument about what derives from what is valid. And it's not just SCO making those kinds of arguments. Many other companies that give you source code under a license claim that if you as much as look at it and work on anything related later, it constitutes a "derived work" under copyright law. So, think twice before you look at the Sun Java or Microsoft MFC source code--you may never be able to work on a GUI toolkit or system library again, commercial or free.
It's misleading to say that this experiment "confirms" General Relativity. What it does is fail to falsify GR. That's nothing to sneeze at. But it tests such a small part of GR that one really can't say that it "confirms" GR. These kinds of delays are part of many alternative theories as well. If you say that this experiment "confirms" GR, then it also "confirms" many theories that otherwise wildly disagree with GR.
A reasonable auto-upgrade would just have code for the client to delete itself and run the new install I'd think.
No. They may have to remove old DLLs, temporary files, etc., for the same reason an RPM package does.
RPMs may delete files but don't sit and listen on an open socket accepting delete requests from a remote server somewhere.
Yes, that part is different and quite worrisome. But no matter who originates the upgrade, the code doing the upgrading needs to be able to perform pretty much arbitrary file system operations.
So, complain about them for having remote upgrade capabilities in there in the first place. But it makes little sense to complain that their remote ugprade capabilities do what most other package managers and upgraders have as well.
Basically, SCO is asserting that "you're f**ked no matter what you do", which for anyone who is thinking of at least trying to remove possible infringments is stating "why bother."
And if SCO's claims weren't so ludicrous, that would be a perfectly reasonable position for them to take. For example, if you were copy half of the Windows NT source code and shipt it as a free product, well, of course, you'd be in violation of various coyrights and you'd be "f**ked no matter what you do".
The original exploit was a method that let anybody delete any arbitrary file from your PC? Could it have just been a poorly implemented version of the "we need to delete specific files" thing mentioned above?
An RPM package upgrade can, in principle, delete arbitrary files, so why shouldn't this upgrade code? Any code that performs remote upgrades may have to be able to perform pretty much arbitrary file system operations.
The real issue is that application programs have to have this sort of thing in them in the first place. That's because neither Microsoft nor Apple have yet found a way of creating a uniform, reliable system for remote upgrades. They have piecemeal solutions for the OS and for packaging, but nothing that compares to what you can get for Linux.
Really? Name someone doing "nothing at all" for an "HIV" infection who is worse for it? One. Just one. Any studies?
Plenty of studies. Here is the NIH fact sheet with numerous references.
I have one. The late tennis pro Arthur Ashe. He started the path to turning from AZT but never did. His wife and child both had HIV, but never received treatment.
They can't have "had" HIV--it's a persistent infection--it stays around for life. And, yes, many people live with HIV for a decade or longer before showing AIDS symptoms. Some people never progress. But AIDS is, if anything, remarkably lethal. Hepatitis B, for example, establishes a persistent, lethal infection only in a much smaller percentage of patients.
HIV is a harmless retrovirus. It's been around for ages, much longer than 20 years. Poppers have not been in use as a daily recreational drug for more than twenty years. Look into it rather than spewing off the party statement. It's quite awakening.
There is an excellent correlation between HIV and AIDS: almost all people infected with HIV will eventually develop AIDS, while immunosuppression or AIDS symptoms in people not infected with HIV are very rare. Poppers are not a reasonable explanation for AIDS because they are not used in much of the world where HIV is prevalent, and all the other factors that Duesberg has proposed have existed for much longer than AIDS has been around.
Given for how long people believed in a flat earth, it's not surprising that there are people like you around. And that wouldn't matter if those ideas didn't cause people to harm themselves. But they do.
Whether and when you start treatment with anti-retrovirals is your business. I think it's a perfectly rational choice not to use anti-retrovirals even if you believe that they help. But declaring HIV to be a "harmless retrovirus" and, by implication, telling people that they don't need to practice safe sex is irresponsible. Because even if, against all odds, Duesberg is right, safe sex would be a sensible precaution until we were certain of that.
The problem with Duesberg and you is not the theory about AIDS itself--plenty of scientists have plenty of doubts about how HIV and AIDS are related--it's the irresponsible way in which it is advanced.
Also, my quick Google indicates that anti-retrovirals are given to otherwise healthy people with positive HIV tests, and there is some emerging controversy about whether this is the way to go.
That controversy isn't "emerging", it has been there since the beginning. The reason is that each anti-HIV drug only works for a limited amount of time because resistant forms of the virus start appearing within a person's bloodstream. So, if you give the drugs early while the immune system is still capable of coping with the virus itself, you may be "using up" the period of efficacy of that drug uselessly.
On the other hand, there are also good arguments that if you hit the virus early and hard, it won't be able to hide away in as many places in the body, lessening the overall severity of the disease.
What do people do? They do clinical studies: they treat one group of patients one way, another group of patients the other way, and they look at treatment outcomes. That's standard practice.
So maybe Duesberg is the defense attorney all the cops are mad at, [...] There is a chance Duesberg is right and down the road there will have to be a major revision of the HIV-AIDS hypothesis -- in the mean time people should stop sputtering and being so mad.
The only reliable method we have of dealing with HIV and AIDS is prevention. Furthermore, treatment with anti-retrovirals does seem to help people and may reduce transmission. Duesberg can advance whatever oddball scientific theories he likes, but when they start interfering with prevention and treatment efforts, then they threaten people's lives, and that necessarily prompts a strong reaction.
No, mention Duesberg and veins bulge out of the neck, and eyes pop out of the skull, and people launch into attacks "He is a nut! He is a washed-up jealous scientist! He is a deceiver!" I have yet to see a refutation of this position that 1) addresses the specific points he raises (go hear him talk someplace -- I have heard the rantings of pseudo-scientists before, and while Duesberg may be in error, his arguments are well-structured and deserving of proper debate), and 2) doesn't make a gratuitis jab at his reputation or launch into an ad-hominem attack.
There are plenty of scientists who have plenty of issues with the current HIV/AIDS models. Numerous alternatives have been proposed, among them even a number that would eliminate the use of anti-retroviral drugs.
The problem with Duesberg is not his theory, it's his presentation and his lack of responsibility. He isn't stupid--if this were about getting his theories looked at and accepted, he knows what to do: maintain a reputable research lab, do some experiments on the side to test his hypothesis, and slowly, carefully, and gently advance the hypothesis. Instead, he stands up and says "you are all wrong". He is in this position of controversial figure because he wants to be. It's an ego thing.
There is a chance Duesberg is right and down the road there will have to be a major revision of the HIV-AIDS hypothesis -- in the mean time people should stop sputtering and being so mad.
There isn't just a chance, there is a pretty good likelihood. But Duesberg will have done nothing to bring that about--he will, in fact, have harmed the chances of such a theory because he has tainted all such theories with his crackpot image. And one has to wonder how many thousands of people will die because Duesberg's rantings lead them to believe that HIV is harmless and they don't need to protect themselves or their partners. That is very much something to get mad about.
Re:there is a national ID system
on
Beyond Fear
·
· Score: 1
Why would they?
First of all, a national ID system would almost certainly come with stronger privacy legislation, something that would make a lot of the current data collection and exchange practices in the US illegal.
Also, a large part of the work involved in keeping databases on people has to do with figuring out who they are and whether two pieces of information refer to the same person. A reliable, secure identification system would mean that institutions might not have to outsource that work at all. Many developed nations other than the US get by mostly without the kinds of private data collection and reporting services that are so widely used in the US.
Re:there is a national ID system
on
Beyond Fear
·
· Score: 1
And California is about to massively devalue that ID by issuing drivers licenses to undocumented (aka illegal) aliens.
You are absolutely right: what a marvelous benefit. That alone makes me want to support that proposal.
Driver's licenses are for driving an automobile, not for anything else. If California's move causes people not to use them for other purposes, that's a great step forward. Let's hope the other 49 states will "devalue" their driver's licenses in the same way.
Just because someone states an opinion, it is an invitation for everyone and their brother to not only tell you that you're wrong,
So, you are saying that your opinion is right and everybody else should just shut up?
but that your mother was an ape.
That accusation is completely uncalled for: I did not insult you or your mother.
Plus, I've noticed in x86 hardware, if you run out of resources, the computer just gives up.
What happens under limited resources is a function of the OS and its configuration, not the processor. Windows can't deal with running out of resources at all. The behavior of UNIX and Linux systems depends on how they are set up. Frankly, I generally prefer them to reboot rather than to "chug along".
Sun hardware is rediculously stable.
I have had plenty of Sun systems fail on me over the years. They have pretty much all the same failure modes as PCs. I even had a Sun system catch fire spontaneously, something I have never experienced with hardware from any other vendor.
It's not uncommon to have 400 day uptimes in solaris without blinking an eye.
If you choose stable Linux and BSD installations, you get the same thing. And it isn't like every version of SunOS or Solaris is stable: they had serious problems, like file corruption and kernel memory leaks. Some of those bugs were in their OS for years.
But it doesn't even matter. 400 day uptimes are an academic pissing contest, not something of any relevance for any well-designed real-world system.
If you end up with a 32 node x86 cluster, you're going to have hardware failure. x86 hardware is simply not as reliable.
Even if that were true, it doesn't matter. If you aren't prepared to deal with hardware failure in your systems designs, then buying overpriced hardware isn't going to save you.
Just deal with the fact that, though you may like some system over another, to someone else, there are other choices.
At issue isn't your choice. You could use a CADR, VAX, or a Dandelion for all I care. But you made a statement that you think that Sun has a stable market, and I consider that statement to be ridiculously out of touch with reality. In my opinion, Sun is a company in deep trouble, with no technical edge, and with a market that's is under attack from Microsoft, Linux, and IBM.
And it is worth thinking about these issues because what happens to Sun matters both to their customers and to open source projects that are somehow linked with Sun.
At this point, as a general rule, I would not buy Sun's hardware or rely on any of Sun's non-open source software (in particular, I'd rely neither on Solaris nor Java).
I work with sun hardware day-in and day-out.
And I used to work with Sun hardware and was a system manager for DEC and Sun UNIX machines. It's exactly because I have seen Sun go out the door in so many places and because I have lived with SunOS and Solaris over the last 15 years that I believe Sun has no direction and no future.
What happens when you give an anti-retroviral to how sick of an AIDS patient, and how less sick does this AIDS patient become? [...] what happens to CD4 counts and to AIDS symptoms?
They improve.
Rhere is something scientifically strange about HIV/AIDS that it doesn't fit patterns of other viral illnesses.
Of course, there is: it's a retrovirus that infects parts of the immune system and mutates rapidly. And there are lots of things about HIV and AIDS that are not understood at all. There may be co-factors, other viruses, genetic differences, etc. But anti-retrovial therapy for HIV clearly works better than doing nothing at all and the theories underlying it are more plausible and consistent than those underlying many other treatments for other diseases.
Maybe some fundamentally new way of looking at HIV and AIDS will eventually yield some better approach in the future, but Duesberg doesn't seem to be contributing constructively to the debate anymore.
With already available medication, they can live for an indefinite time more.
That's a dangerous myth. Yes, some people are long term survivors. Yes, medication has helped some. But HIV/AIDS is still a disease that greatly shortens life expectancy. And the treatments are often disfiguring and have serious side-effects. And then there is just the hassle and expense of it all.
In 10 years, medications are expected to be much better and have fewer collateral effects. Specially considering that in 10-15 years genetic therapy will probably already be available.
That's a big gamble, given that so much is still not understood about HIV.
[Older people] tend to be more conservative and think on the long run.
Yes, that's because many of the "less conservative" thinkers have eliminated themselves from the population before becoming old.
there is a national ID system
on
Beyond Fear
·
· Score: 1
In reality, the US has a national ID system, consisting of your drivers license and your SSN (with your birth certificate thrown in occasionally). It simply is a bad one, poorly administered, insecure, and rife with identity theft and fraud. Why doesn't it get fixed?
Who knows. Probably a combination of stupidity, xenophobia ("the Europeans are doing it--it can't be any good"), crooks like it (and they get to vote and lobby, too), and because it is enormously profitable for some, like companies that make a living out of collecting data about you, aggregating it, and providing that information to others. A good system of national IDs with good privacy legislation would make those companies redundant.
We really have a bad situation with Sun. On the one hand, the money-making parts of the company are being beaten up badly by Linux, BSD, and Microsoft. On the other hand, there is a significant number of open source Java projects.
But, unfortunately, Java isn't open source. In fact, Java isn't even an open standard: you can't implement it on your own. Sun has woven an intricate web of contractual dependencies, trademarks, patents, copyrights, and certification procedures around the Java platform. If you don't believe me, actually spend some time reading the SCSL, the documentation license (both presented to you when you download code from java.com), the JCP agrements, and their patents on the USPTO web site.
Note that this situation is very different from some of Sun's other open source contributions. OpenOffice (as far as I can tell) is open source and guaranteed to remain that way because it is covered by the GPL. That's the kind of open source donations we need. But the fact that Sun got it right with OpenOffice doesn't help the fact that Sun got it wrong with Java.
While Sun's potential claims may ultimately be legally weak, they seem far more substantive to me than SCO's claims regarding Linux--Sun really can claim that "all Java implementations derive from their work". And like SCO, Sun is set up for a predictable corporate financial melt-down. It is going to be desperate management and sleazy lawyers that are going to turn off the lights at Sun, as they do at most other failing companies, and they will try to monetize the few remaining assets that Sun will have as much as possible.
As long as Sun was rich, we could perhaps trust them to keep funding Java development with their other earnings and to give the resulting binaries away, even if the platform wasn't open source. But it looks probable now that Sun is going to go downhill, and open source Java developers need guarantees now that the platform is going to remain at least free-as-in-beer and that someone else will be able to take over its maintenance.
The best way of guaranteeing that that I see is for Sun to put their Java-related patents into the public domain, remove the restrictive licenses from the Java specifications, and to open source their implementation. But the JCP doesn't guarantee any of that. If Sun doesn't do that, open source developers should now stay away from Java.
But, if you're looking to drop $1.3 million on a computer, you go to Sun.
Just because Sun overcharges for their computers doesn't make them a "high-end market provider".
If I'm going to spend $1.3 million on a computer, I might just as well go with IBM. Of, depending on the application, set up a large cluster out of PC hardware, like Google and many other companies.
As far as I can tell, the only thing that has been keeping Sun above water is the fact that they used to have proven, high-end multi-processor machines, which you need if you use a large, non-distributed database. But with the increasing availability of distributed databases, very high speed networks, and people who are getting smarter about distributed systems, the importance of that is fading fast. And, of course, IBM in particular has added high-end UNIX machines to their offerings, in addition to their mainframes. In fact, much of Sun's remaining business was business that Sun had taken away over the years from IBM and that is now going back to IBM (the other big part of Sun's business was academia and research, but I don't see Sun being a dominant player there anymore).
Sun OS is about as stable as they come.
Actually, Sun is running Solaris now. And their OS has had plenty of serious bugs over the years. Furthermore, it simply isn't competitive. If it came on the market today, it would be laughed at. The only reason why people are still using it is because they have been using it for years.
Reading through the comments on freshmeat.net, it seems that the Mplayer installation still draws the most flamage.
End-users shouldn't have to compile mplayer. That's what we have Linux distributions for. They package things so that software that can be installed with a single command (three commands if you are not set up for it):
Mplayer necessarily has lots of dependencies, and you can't blame its developers for that.
Of course, mplayer doesn't just ship with many Linux distributions out of the box in the first place (or is crippled) probably because of software patents and DCMA concerns. So, blame that this is even an issue on the USPTO and RIAA.
who is more technologically savvy, your average spammer or your average politician?
Who is more technologically savvy--your average bank robber or your average politician? Who is more savvy about poisons and guns--your average murderer or your average politician?
See, by your argument, most laws are useless because they were made by people not as good at committing the crime as the people who actually did commit the crime.
First, "democracy" and "republic" are technical terms here. A democracy gives the population and enormous share in saying things. [...] The best example is the death penalty [for the record: I am against it]. The reason why Europe doesn't have the death penalty while some U.S. states do is not because the Europeans are morally superior, but because they are not allowed any say on the matter
Germany, France, and Britain are, of course, democracies.
The reason why they don't have the death penalty is because it violates their constitutions and European human rights conventions. Referendums and politicial decisions in the US are also routinely thrown out because they violate the US Constitution. In fact, I guarantee you that sooner or later, US courts will declare the death penalty unconstitutional in the US as well.
Because U.S. politicians are elected as people, if you don't like the guy, he is gone in six years max. Most European politicians are elected via their party; if you want to get rid of them, you have vote for a completely different party. [...] Pity the Europeans: When they watch their news at night, they know that they will probably be seing those same faces for the rest of their lives, and there is not a damn thing they can do against it.
The "choice" that US voters get is meaningless because it doesn't actually affect the policies that get enacted. Presidentail votes are about whether Clinton got a blowjob from an intern and whether Bush's drinking problem has stopped, not policy issues.
Europeans actually have had far more meaningful political choices. Over the last couple of decades, Germany, France, and the Netherlands have gotten powerful parties standing for positions on the environment, immigration, and education, that were previously unrepresented in Europe and still are nearly completely ignored by any US party with any power. There is still far more thoughtful political participation by citizens in those countries than in the US because their choices still matter.
The population in the U.S. could have a far greater influence on policy than possible in Europe -- if they wanted to, and so they could get a lot changed.
Theoretically, that may or may not be true. In practice, the US population has much less say in the policies of the nation than Europeans.
Sadly, Americans don't go to elections that often, and so we end up where we are today.
That isn't apathy, it's the simple realization that, given the way the US political system operates in practice, they don't have meaningful choices. Clinton, Dole, Gore, Bush, they are basically all roughly interchangeable. And look at the choice we get in California: Davis, Bustamante, Schwarzenegger. None of them has a coherent vision or proposals, and even if they did, they'd be foolish to articulate them before the election. There is no point in voting in most US elections.
It's not enough that 46 cents of every dollar my company produces goes into a government coffer before hitting one of the employees bank acounts?
That money doesn't go into "government coffers", it goes to pay for basic retirement benefits, teachers, public health, health care, clean cities, social services, etc.
Without that, you wouldn't have a business. Your company on its own couldn't afford to create the roads, infrastructure, security, safety, laws, contracts, etc. privately that the government provides. In fact, it was precisely to allow companies like yours to exist that we, the people, have the government and taxes we have.
It's ironic that small business people like yourself are often the ones belly-aching about this most because if that ever changes, you will be the first to go: security, education, and all the other things you depend on don't come from the tooth fairy.
The government taxes productive businesses to give it to unproductive ones to "keep existing jobs."
Your business (I'm assuming Feratech is your business) is probably not productive in a net sense: most of the value you give to your customers is not something you created but something that the US government's investment in networking research and infrastructure created over the last three decades. In effect, your wealth was indirectly taken out of the pockets of hundreds of millions of tax payers.
There is nothing wrong with that--that's a choice we as a society made. What is wrong is that rather than thanking your stars for your good fortune of being in a position to receive such a windfall, by living in the US, you are being arrogant about it and belittle people less fortunate than yourself.
But we agree to a certain degree: the government does waste a lot of money on "unproductive businesses". The biggest unproductive chunk is the US military, which is probably about 10x the size it needs to be. Farm subsidies, airline subsidies, and steel protectionism are other areas of colossal waste. If you want to see where your tax dollars are being wasted, that's the place to look.
Without excessive government interference, we'd be twice the size we are now (read that as "creating more jobs" for those of you that believe in our Marxist/Fascist economy).
US government services are already at a minimal level. If white collar law enforcement, education, healthcare, retirement, infrastructure, research funding, etc. get squeezed any more, businesses like yours simply won't be able to exist anymore.
We have had the kind of laissez-faire capitalism you seem to advocate before. Read about it in your history books.
You obviously never worked with Novell. Novell was a well integrated and easy to deploy network solution with excellent performance. It was a cut above any of your 'innovators' products.
You're confusing product packaging with innovation. Novell may have packaged the technology well and made a good product, but they certainly didn't pioneer it.
You only need to look at the relative presence of Novell and IBM, Xerox, and Bell Labs in the peer reviewed conferences and publications at the time to see that there wasn't much innovation or research going on at Novell.
And the distinction matters. Until imitators and productizers like Novell actually start investing big time in research, computer systems research will continue to stagnate (of course, it's probably too late for Novell now).
For all its faults, at least Microsoft has seen the light and started investing heavily in research half a dozen years ago, after a decade of just productizing other people's ideas.
Novell pioneered the LAN (local area network) throughout the 1980s and early 1990s
That is utter nonsense. LAN and most of the infrastructure we take for granted on LANs didn't come from Novell. It didn't even come out of the PC world or the Mac world either. Commercially, LANs consisting of desktop machines and servers were popularized by workstation vendors, both UNIX workstation vendors like Sun, and non-UNIX workstation vendors like Symbolics. But they were actually pioneered by places like MIT, Berkeley, DEC, Bell Labs, and Xerox PARC.
All Novell did was what PC vendors have always done: take successful ideas out of the non-PC world and repackage them, poorly.
Slashdot Mirror
It's also possible the old client may just run the install for the new one (and let the new one run the old one's uninstaller), but in any case everything's under the old client's control as much as possible. Never does the remote server tell it what to delete.
Come on, think a little. If it can download an entire application over the net and then install it, that means it can run arbitrary code. In particular, it can delete whatever the user running it has permission to delete. There simply is no meaningful sense in which you could restrict the code to do less on a standard Windows machine.
The only way you can prevent that is to have some separate piece of software, certified to be good by an independent entity, verify that all the operations requested by the package install/upgrade make sense and do the install for the software. But Windows and Macintosh seem to be lacking such an independent piece of software, and the Linux package systems also still run arbitrary scripts as root.
Most auto-update are in fact initiated from the client, not the server. Usually something like
Again, you are confusing the mechanism they chose (server-push of updates) and its security problems with what you actually find in the code.
1) client looks for new version
2) client downloads new version
3) client check digital signature of download
4) client runs temp program
5) temp program uninstalls old client and installs new.
Yes, and a client that updates itself that way will still appear to contain code to delete arbitrary files somewhere in it. It just happens to be less likely that that code is used to actually delete things it shouldn't delete.
Yes, it falsifies Newtonian mechanics, which came before, though.
That is correct. But we already knew that Newtonian mechanics was wrong, both experimentally and because it is logically inconsistent.
So yup, it's just another data point to give a bit more confidence in theories that are previously held with reasonable conviction anyway.
Confidence compared to what? What alternative theories was this experiment designed to rule out? If you don't have any alternative theories, you don't gain any information from an experiment whose results agree with your theory.
There are also relative degrees of this, however. The logic that SCO appears to be following is that once infringement commences, it cannot cease, despite any efforts to the contrary. While past acts cannot be revoked and legal responsability remains, they are making it impossible to prevent future infringement.
There are two simple ways in which any company can always prevent future infringement: stop distributing the offending material or obtain a proper license.
To follow similar logic, say you're photocopying a book, and the book's author tells you to stop -- if you do, then the author can't acrue more damages past that point. SCO would prefer to believe the contrary, it appears.
But SGI, according to SCO keeps copying the book: they keep distributing what SCO claims is derived code. We both may disagree with the logic that SCO uses to claim that the code is derived, but if it's derived, it's sensible for them to do what they are doing.
No, the core question is whether SCO's argument about what derives from what is valid. And it's not just SCO making those kinds of arguments. Many other companies that give you source code under a license claim that if you as much as look at it and work on anything related later, it constitutes a "derived work" under copyright law. So, think twice before you look at the Sun Java or Microsoft MFC source code--you may never be able to work on a GUI toolkit or system library again, commercial or free.
It's misleading to say that this experiment "confirms" General Relativity. What it does is fail to falsify GR. That's nothing to sneeze at. But it tests such a small part of GR that one really can't say that it "confirms" GR. These kinds of delays are part of many alternative theories as well. If you say that this experiment "confirms" GR, then it also "confirms" many theories that otherwise wildly disagree with GR.
A reasonable auto-upgrade would just have code for the client to delete itself and run the new install I'd think.
No. They may have to remove old DLLs, temporary files, etc., for the same reason an RPM package does.
RPMs may delete files but don't sit and listen on an open socket accepting delete requests from a remote server somewhere.
Yes, that part is different and quite worrisome. But no matter who originates the upgrade, the code doing the upgrading needs to be able to perform pretty much arbitrary file system operations.
So, complain about them for having remote upgrade capabilities in there in the first place. But it makes little sense to complain that their remote ugprade capabilities do what most other package managers and upgraders have as well.
Basically, SCO is asserting that "you're f**ked no matter what you do", which for anyone who is thinking of at least trying to remove possible infringments is stating "why bother."
And if SCO's claims weren't so ludicrous, that would be a perfectly reasonable position for them to take. For example, if you were copy half of the Windows NT source code and shipt it as a free product, well, of course, you'd be in violation of various coyrights and you'd be "f**ked no matter what you do".
The original exploit was a method that let anybody delete any arbitrary file from your PC? Could it have just been a poorly implemented version of the "we need to delete specific files" thing mentioned above?
An RPM package upgrade can, in principle, delete arbitrary files, so why shouldn't this upgrade code? Any code that performs remote upgrades may have to be able to perform pretty much arbitrary file system operations.
The real issue is that application programs have to have this sort of thing in them in the first place. That's because neither Microsoft nor Apple have yet found a way of creating a uniform, reliable system for remote upgrades. They have piecemeal solutions for the OS and for packaging, but nothing that compares to what you can get for Linux.
Here is a much longer and more specific refutation of Duesberg's claims.
Really? Name someone doing "nothing at all" for an "HIV" infection who is worse for it? One. Just one. Any studies?
Plenty of studies. Here is the NIH fact sheet with numerous references.
I have one. The late tennis pro Arthur Ashe. He started the path to turning from AZT but never did. His wife and child both had HIV, but never received treatment.
They can't have "had" HIV--it's a persistent infection--it stays around for life. And, yes, many people live with HIV for a decade or longer before showing AIDS symptoms. Some people never progress. But AIDS is, if anything, remarkably lethal. Hepatitis B, for example, establishes a persistent, lethal infection only in a much smaller percentage of patients.
HIV is a harmless retrovirus. It's been around for ages, much longer than 20 years. Poppers have not been in use as a daily recreational drug for more than twenty years. Look into it rather than spewing off the party statement. It's quite awakening.
There is an excellent correlation between HIV and AIDS: almost all people infected with HIV will eventually develop AIDS, while immunosuppression or AIDS symptoms in people not infected with HIV are very rare. Poppers are not a reasonable explanation for AIDS because they are not used in much of the world where HIV is prevalent, and all the other factors that Duesberg has proposed have existed for much longer than AIDS has been around.
Given for how long people believed in a flat earth, it's not surprising that there are people like you around. And that wouldn't matter if those ideas didn't cause people to harm themselves. But they do.
Whether and when you start treatment with anti-retrovirals is your business. I think it's a perfectly rational choice not to use anti-retrovirals even if you believe that they help. But declaring HIV to be a "harmless retrovirus" and, by implication, telling people that they don't need to practice safe sex is irresponsible. Because even if, against all odds, Duesberg is right, safe sex would be a sensible precaution until we were certain of that.
The problem with Duesberg and you is not the theory about AIDS itself--plenty of scientists have plenty of doubts about how HIV and AIDS are related--it's the irresponsible way in which it is advanced.
Also, my quick Google indicates that anti-retrovirals are given to otherwise healthy people with positive HIV tests, and there is some emerging controversy about whether this is the way to go.
That controversy isn't "emerging", it has been there since the beginning. The reason is that each anti-HIV drug only works for a limited amount of time because resistant forms of the virus start appearing within a person's bloodstream. So, if you give the drugs early while the immune system is still capable of coping with the virus itself, you may be "using up" the period of efficacy of that drug uselessly.
On the other hand, there are also good arguments that if you hit the virus early and hard, it won't be able to hide away in as many places in the body, lessening the overall severity of the disease.
What do people do? They do clinical studies: they treat one group of patients one way, another group of patients the other way, and they look at treatment outcomes. That's standard practice.
So maybe Duesberg is the defense attorney all the cops are mad at, [...] There is a chance Duesberg is right and down the road there will have to be a major revision of the HIV-AIDS hypothesis -- in the mean time people should stop sputtering and being so mad.
The only reliable method we have of dealing with HIV and AIDS is prevention. Furthermore, treatment with anti-retrovirals does seem to help people and may reduce transmission. Duesberg can advance whatever oddball scientific theories he likes, but when they start interfering with prevention and treatment efforts, then they threaten people's lives, and that necessarily prompts a strong reaction.
No, mention Duesberg and veins bulge out of the neck, and eyes pop out of the skull, and people launch into attacks "He is a nut! He is a washed-up jealous scientist! He is a deceiver!" I have yet to see a refutation of this position that 1) addresses the specific points he raises (go hear him talk someplace -- I have heard the rantings of pseudo-scientists before, and while Duesberg may be in error, his arguments are well-structured and deserving of proper debate), and 2) doesn't make a gratuitis jab at his reputation or launch into an ad-hominem attack.
There are plenty of scientists who have plenty of issues with the current HIV/AIDS models. Numerous alternatives have been proposed, among them even a number that would eliminate the use of anti-retroviral drugs.
The problem with Duesberg is not his theory, it's his presentation and his lack of responsibility. He isn't stupid--if this were about getting his theories looked at and accepted, he knows what to do: maintain a reputable research lab, do some experiments on the side to test his hypothesis, and slowly, carefully, and gently advance the hypothesis. Instead, he stands up and says "you are all wrong". He is in this position of controversial figure because he wants to be. It's an ego thing.
There is a chance Duesberg is right and down the road there will have to be a major revision of the HIV-AIDS hypothesis -- in the mean time people should stop sputtering and being so mad.
There isn't just a chance, there is a pretty good likelihood. But Duesberg will have done nothing to bring that about--he will, in fact, have harmed the chances of such a theory because he has tainted all such theories with his crackpot image. And one has to wonder how many thousands of people will die because Duesberg's rantings lead them to believe that HIV is harmless and they don't need to protect themselves or their partners. That is very much something to get mad about.
Why would they?
First of all, a national ID system would almost certainly come with stronger privacy legislation, something that would make a lot of the current data collection and exchange practices in the US illegal.
Also, a large part of the work involved in keeping databases on people has to do with figuring out who they are and whether two pieces of information refer to the same person. A reliable, secure identification system would mean that institutions might not have to outsource that work at all. Many developed nations other than the US get by mostly without the kinds of private data collection and reporting services that are so widely used in the US.
And California is about to massively devalue that ID by issuing drivers licenses to undocumented (aka illegal) aliens.
You are absolutely right: what a marvelous benefit. That alone makes me want to support that proposal.
Driver's licenses are for driving an automobile, not for anything else. If California's move causes people not to use them for other purposes, that's a great step forward. Let's hope the other 49 states will "devalue" their driver's licenses in the same way.
Just because someone states an opinion, it is an invitation for everyone and their brother to not only tell you that you're wrong,
So, you are saying that your opinion is right and everybody else should just shut up?
but that your mother was an ape.
That accusation is completely uncalled for: I did not insult you or your mother.
Plus, I've noticed in x86 hardware, if you run out of resources, the computer just gives up.
What happens under limited resources is a function of the OS and its configuration, not the processor. Windows can't deal with running out of resources at all. The behavior of UNIX and Linux systems depends on how they are set up. Frankly, I generally prefer them to reboot rather than to "chug along".
Sun hardware is rediculously stable.
I have had plenty of Sun systems fail on me over the years. They have pretty much all the same failure modes as PCs. I even had a Sun system catch fire spontaneously, something I have never experienced with hardware from any other vendor.
It's not uncommon to have 400 day uptimes in solaris without blinking an eye.
If you choose stable Linux and BSD installations, you get the same thing. And it isn't like every version of SunOS or Solaris is stable: they had serious problems, like file corruption and kernel memory leaks. Some of those bugs were in their OS for years.
But it doesn't even matter. 400 day uptimes are an academic pissing contest, not something of any relevance for any well-designed real-world system.
If you end up with a 32 node x86 cluster, you're going to have hardware failure. x86 hardware is simply not as reliable.
Even if that were true, it doesn't matter. If you aren't prepared to deal with hardware failure in your systems designs, then buying overpriced hardware isn't going to save you.
Just deal with the fact that, though you may like some system over another, to someone else, there are other choices.
At issue isn't your choice. You could use a CADR, VAX, or a Dandelion for all I care. But you made a statement that you think that Sun has a stable market, and I consider that statement to be ridiculously out of touch with reality. In my opinion, Sun is a company in deep trouble, with no technical edge, and with a market that's is under attack from Microsoft, Linux, and IBM.
And it is worth thinking about these issues because what happens to Sun matters both to their customers and to open source projects that are somehow linked with Sun.
At this point, as a general rule, I would not buy Sun's hardware or rely on any of Sun's non-open source software (in particular, I'd rely neither on Solaris nor Java).
I work with sun hardware day-in and day-out.
And I used to work with Sun hardware and was a system manager for DEC and Sun UNIX machines. It's exactly because I have seen Sun go out the door in so many places and because I have lived with SunOS and Solaris over the last 15 years that I believe Sun has no direction and no future.
What happens when you give an anti-retroviral to how sick of an AIDS patient, and how less sick does this AIDS patient become? [...] what happens to CD4 counts and to AIDS symptoms?
They improve.
Rhere is something scientifically strange about HIV/AIDS that it doesn't fit patterns of other viral illnesses.
Of course, there is: it's a retrovirus that infects parts of the immune system and mutates rapidly. And there are lots of things about HIV and AIDS that are not understood at all. There may be co-factors, other viruses, genetic differences, etc. But anti-retrovial therapy for HIV clearly works better than doing nothing at all and the theories underlying it are more plausible and consistent than those underlying many other treatments for other diseases.
Maybe some fundamentally new way of looking at HIV and AIDS will eventually yield some better approach in the future, but Duesberg doesn't seem to be contributing constructively to the debate anymore.
With already available medication, they can live for an indefinite time more.
That's a dangerous myth. Yes, some people are long term survivors. Yes, medication has helped some. But HIV/AIDS is still a disease that greatly shortens life expectancy. And the treatments are often disfiguring and have serious side-effects. And then there is just the hassle and expense of it all.
In 10 years, medications are expected to be much better and have fewer collateral effects. Specially considering that in 10-15 years genetic therapy will probably already be available.
That's a big gamble, given that so much is still not understood about HIV.
[Older people] tend to be more conservative and think on the long run.
Yes, that's because many of the "less conservative" thinkers have eliminated themselves from the population before becoming old.
In reality, the US has a national ID system, consisting of your drivers license and your SSN (with your birth certificate thrown in occasionally). It simply is a bad one, poorly administered, insecure, and rife with identity theft and fraud. Why doesn't it get fixed?
Who knows. Probably a combination of stupidity, xenophobia ("the Europeans are doing it--it can't be any good"), crooks like it (and they get to vote and lobby, too), and because it is enormously profitable for some, like companies that make a living out of collecting data about you, aggregating it, and providing that information to others. A good system of national IDs with good privacy legislation would make those companies redundant.
We really have a bad situation with Sun. On the one hand, the money-making parts of the company are being beaten up badly by Linux, BSD, and Microsoft. On the other hand, there is a significant number of open source Java projects.
But, unfortunately, Java isn't open source. In fact, Java isn't even an open standard: you can't implement it on your own. Sun has woven an intricate web of contractual dependencies, trademarks, patents, copyrights, and certification procedures around the Java platform. If you don't believe me, actually spend some time reading the SCSL, the documentation license (both presented to you when you download code from java.com), the JCP agrements, and their patents on the USPTO web site.
Note that this situation is very different from some of Sun's other open source contributions. OpenOffice (as far as I can tell) is open source and guaranteed to remain that way because it is covered by the GPL. That's the kind of open source donations we need. But the fact that Sun got it right with OpenOffice doesn't help the fact that Sun got it wrong with Java.
While Sun's potential claims may ultimately be legally weak, they seem far more substantive to me than SCO's claims regarding Linux--Sun really can claim that "all Java implementations derive from their work". And like SCO, Sun is set up for a predictable corporate financial melt-down. It is going to be desperate management and sleazy lawyers that are going to turn off the lights at Sun, as they do at most other failing companies, and they will try to monetize the few remaining assets that Sun will have as much as possible.
As long as Sun was rich, we could perhaps trust them to keep funding Java development with their other earnings and to give the resulting binaries away, even if the platform wasn't open source. But it looks probable now that Sun is going to go downhill, and open source Java developers need guarantees now that the platform is going to remain at least free-as-in-beer and that someone else will be able to take over its maintenance.
The best way of guaranteeing that that I see is for Sun to put their Java-related patents into the public domain, remove the restrictive licenses from the Java specifications, and to open source their implementation. But the JCP doesn't guarantee any of that. If Sun doesn't do that, open source developers should now stay away from Java.
But, if you're looking to drop $1.3 million on a computer, you go to Sun.
Just because Sun overcharges for their computers doesn't make them a "high-end market provider".
If I'm going to spend $1.3 million on a computer, I might just as well go with IBM. Of, depending on the application, set up a large cluster out of PC hardware, like Google and many other companies.
As far as I can tell, the only thing that has been keeping Sun above water is the fact that they used to have proven, high-end multi-processor machines, which you need if you use a large, non-distributed database. But with the increasing availability of distributed databases, very high speed networks, and people who are getting smarter about distributed systems, the importance of that is fading fast. And, of course, IBM in particular has added high-end UNIX machines to their offerings, in addition to their mainframes. In fact, much of Sun's remaining business was business that Sun had taken away over the years from IBM and that is now going back to IBM (the other big part of Sun's business was academia and research, but I don't see Sun being a dominant player there anymore).
Sun OS is about as stable as they come.
Actually, Sun is running Solaris now. And their OS has had plenty of serious bugs over the years. Furthermore, it simply isn't competitive. If it came on the market today, it would be laughed at. The only reason why people are still using it is because they have been using it for years.
Believe it: Sun is in trouble.
End-users shouldn't have to compile mplayer. That's what we have Linux distributions for. They package things so that software that can be installed with a single command (three commands if you are not set up for it):Mplayer necessarily has lots of dependencies, and you can't blame its developers for that.
Of course, mplayer doesn't just ship with many Linux distributions out of the box in the first place (or is crippled) probably because of software patents and DCMA concerns. So, blame that this is even an issue on the USPTO and RIAA.
who is more technologically savvy, your average spammer or your average politician?
Who is more technologically savvy--your average bank robber or your average politician? Who is more savvy about poisons and guns--your average murderer or your average politician?
See, by your argument, most laws are useless because they were made by people not as good at committing the crime as the people who actually did commit the crime.
Worse, if someone agrees to the Bitkeeper license and then contributes to Subversion then Subversion may be in trouble.
First, "democracy" and "republic" are technical terms here. A democracy gives the population and enormous share in saying things. [...] The best example is the death penalty [for the record: I am against it]. The reason why Europe doesn't have the death penalty while some U.S. states do is not because the Europeans are morally superior, but because they are not allowed any say on the matter
Germany, France, and Britain are, of course, democracies.
The reason why they don't have the death penalty is because it violates their constitutions and European human rights conventions. Referendums and politicial decisions in the US are also routinely thrown out because they violate the US Constitution. In fact, I guarantee you that sooner or later, US courts will declare the death penalty unconstitutional in the US as well.
Because U.S. politicians are elected as people, if you don't like the guy, he is gone in six years max. Most European politicians are elected via their party; if you want to get rid of them, you have vote for a completely different party. [...] Pity the Europeans: When they watch their news at night, they know that they will probably be seing those same faces for the rest of their lives, and there is not a damn thing they can do against it.
The "choice" that US voters get is meaningless because it doesn't actually affect the policies that get enacted. Presidentail votes are about whether Clinton got a blowjob from an intern and whether Bush's drinking problem has stopped, not policy issues.
Europeans actually have had far more meaningful political choices. Over the last couple of decades, Germany, France, and the Netherlands have gotten powerful parties standing for positions on the environment, immigration, and education, that were previously unrepresented in Europe and still are nearly completely ignored by any US party with any power. There is still far more thoughtful political participation by citizens in those countries than in the US because their choices still matter.
The population in the U.S. could have a far greater influence on policy than possible in Europe -- if they wanted to, and so they could get a lot changed.
Theoretically, that may or may not be true. In practice, the US population has much less say in the policies of the nation than Europeans.
Sadly, Americans don't go to elections that often, and so we end up where we are today.
That isn't apathy, it's the simple realization that, given the way the US political system operates in practice, they don't have meaningful choices. Clinton, Dole, Gore, Bush, they are basically all roughly interchangeable. And look at the choice we get in California: Davis, Bustamante, Schwarzenegger. None of them has a coherent vision or proposals, and even if they did, they'd be foolish to articulate them before the election. There is no point in voting in most US elections.
It's not enough that 46 cents of every dollar my company produces goes into a government coffer before hitting one of the employees bank acounts?
That money doesn't go into "government coffers", it goes to pay for basic retirement benefits, teachers, public health, health care, clean cities, social services, etc.
Without that, you wouldn't have a business. Your company on its own couldn't afford to create the roads, infrastructure, security, safety, laws, contracts, etc. privately that the government provides. In fact, it was precisely to allow companies like yours to exist that we, the people, have the government and taxes we have.
It's ironic that small business people like yourself are often the ones belly-aching about this most because if that ever changes, you will be the first to go: security, education, and all the other things you depend on don't come from the tooth fairy.
The government taxes productive businesses to give it to unproductive ones to "keep existing jobs."
Your business (I'm assuming Feratech is your business) is probably not productive in a net sense: most of the value you give to your customers is not something you created but something that the US government's investment in networking research and infrastructure created over the last three decades. In effect, your wealth was indirectly taken out of the pockets of hundreds of millions of tax payers.
There is nothing wrong with that--that's a choice we as a society made. What is wrong is that rather than thanking your stars for your good fortune of being in a position to receive such a windfall, by living in the US, you are being arrogant about it and belittle people less fortunate than yourself.
But we agree to a certain degree: the government does waste a lot of money on "unproductive businesses". The biggest unproductive chunk is the US military, which is probably about 10x the size it needs to be. Farm subsidies, airline subsidies, and steel protectionism are other areas of colossal waste. If you want to see where your tax dollars are being wasted, that's the place to look.
Without excessive government interference, we'd be twice the size we are now (read that as "creating more jobs" for those of you that believe in our Marxist/Fascist economy).
US government services are already at a minimal level. If white collar law enforcement, education, healthcare, retirement, infrastructure, research funding, etc. get squeezed any more, businesses like yours simply won't be able to exist anymore.
We have had the kind of laissez-faire capitalism you seem to advocate before. Read about it in your history books.
You obviously never worked with Novell. Novell was a well integrated and easy to deploy network solution with excellent performance. It was a cut above any of your 'innovators' products.
You're confusing product packaging with innovation. Novell may have packaged the technology well and made a good product, but they certainly didn't pioneer it.
You only need to look at the relative presence of Novell and IBM, Xerox, and Bell Labs in the peer reviewed conferences and publications at the time to see that there wasn't much innovation or research going on at Novell.
And the distinction matters. Until imitators and productizers like Novell actually start investing big time in research, computer systems research will continue to stagnate (of course, it's probably too late for Novell now).
For all its faults, at least Microsoft has seen the light and started investing heavily in research half a dozen years ago, after a decade of just productizing other people's ideas.
That is utter nonsense. LAN and most of the infrastructure we take for granted on LANs didn't come from Novell. It didn't even come out of the PC world or the Mac world either. Commercially, LANs consisting of desktop machines and servers were popularized by workstation vendors, both UNIX workstation vendors like Sun, and non-UNIX workstation vendors like Symbolics. But they were actually pioneered by places like MIT, Berkeley, DEC, Bell Labs, and Xerox PARC.
All Novell did was what PC vendors have always done: take successful ideas out of the non-PC world and repackage them, poorly.