The most controversial issue in the information technology industry today is the ongoing battle over software copyrights and intellectual property. This battle is being fought largely between vendors who create and sell proprietary software, and the Open Source community. My company, the SCO Group, became a focus of this controversy when we filed a lawsuit against IBM alleging that SCO's proprietary Unix code has been illegally copied into the free Linux operating system. In doing this we angered some in the Open Source community by pointing out obvious intellectual property problems that exist in the current Linux software development model.
This debate about Open Source software is healthy and beneficial. It offers long-term benefits to the industry by addressing a new business model in advance of wide-scale adoption by customers. But in the last week of August two developments occurred that adversely affect the long-term credibility of the Open Source community, with the general public and with customers.
The first development followed another series of Denial of Service (DDoS) attacks on SCO, which took place two weeks ago. These were the second and third such attacks in four months and have prevented Web users from accessing our web site and doing business with SCO. There is no question about the affiliation of the attacker - Open Source leader Eric Raymond was quoted as saying that he was contacted by the perpetrator and that "he's one of us." To Mr Raymond's partial credit, he asked the attacker to stop. However, he has yet to disclose the identity of the perpetrator so that justice can be done.
No one can tolerate DDoS attacks and other kinds of attacks in this Information Age economy that relies so heavily on the Internet. Mr Raymond and the entire Open Source community need to aggressively help the industry police these types of crimes. If they fail to do so it casts a shadow over the entire Open Source movement and raises questions about whether Open Source is ready to take a central role in business computing. We cannot have a situation in which companies fear they may be next to suffer computer attacks if they take a business or legal position that angers the Open Source community. Until these illegal attacks are brought under control, enterprise customers and mainstream society will become increasingly alienated from anyone associated with this type of behavior.
The second development was an admission by Open Source leader Bruce Perens that UNIX System V code (owned by SCO) is, in fact, in Linux, and it shouldn't be there. Mr Perens stated that there is "an error in the Linux developer's process" which allowed Unix System V code that "didn't belong in Linux" to end up in the Linux kernel (source: ComputerWire, August 25, 2003). Mr Perens continued with a string of arguments to justify the "error in the Linux developer's process." However, nothing can change the fact that a Linux developer on the payroll of Silicon Graphics stripped copyright attributions from copyrighted System V code that was licensed to Silicon Graphics under strict conditions of use, and then contributed that source code to Linux as though it was clean code owned and controlled by SGI. This is a clear violation of SGI's contract and copyright obligations to SCO. We are currently working to try and resolve these issues with SGI.
This improper contribution of Unix code by SGI into Linux is one small example that reveals fundamental structural flaws in the Linux development process. In fact, this issue goes to the very heart of whether Open Source can be trusted as a development model for enterprise computing software. The intellectual property roots of Linux are obviously flawed at a systemic level under the current model. To date, we claim that more than one million lines of Unix System V protected code have been contributed to Linux through this model. The flaws inherent in the Linux process must be openly addressed and fixed.
At a minimum, IP sources should be checked to assure that copyright
Why is being able to use the brand spanking new version of MS Office so damned important? I would think that OpenOffice would have 99.9% of the functionality that 99.9% of the users require by now.
Looking down on that NASA impact calc table, I find that in 2078 the calculated distance from the predicted orbit to the earth is 0.11 earth diameters. That doesn't sound too good to me. Sure, it's difficult to predict so far into the future, but perhaps it's a good idea to nip this one in the bud, before our grandchildren gets it in the face.
(Repost non-anonymously. Duh. Forgot to log in.)
I'm getting a measly 26kb/s off bittorrent. I thought it was supposed to be fast? I'm on a 10Mbit line, so it ain't my pipe that's slow. Will it speed up when more people start downloading?
When the machine works with 0... 1, and all values in between are possible, then we'll be a lot closer to how our brains work, and neural networks in general. Of course, getting 2 + 2 equal 4 every time might not be a given.
Not that many will read this so far after the news release, but for myself, I'd be willing to filter incoming smtp based on host OS. OpenBSD 3.4 pf will do this.
The factor that many americans miss is that all european countries have a lot of history -- and quite often that history consists of kicking each others butts in war.
Add to this the significant (sometimes huge) cultural differences between EU nations, and you'll soon come to the conclusion that a superstate is the dream of powerhungry politicians, not the people who happens to live in europe.
Sure, but in this case you wouldn't actually be selling the pot, just telling the cop that you do. If he searched you, you wouldn't have either oregano or pot. I don't think making the statement "I drove 280 mph through a kindergarden" will allow the law to put you in jail for reckless driving.
If there was a program available that did all the motions of sharing copyrighted material without actually doing so, and people started using it, RIAA and theirs friends would have a fair bit of work to do in order to prove what was used -- Kazaa et.al or their faking counterparts.
Assuming that this relates to file-sharing, you're not interested in -who- is sending you parts of a file, just what file and what part. Sure, that leaves it open to man-in-the-middle, but this is MP3's, not launch codes for ICBMs. I hope.
So spoofing the sender just means that you have to tag the packages with content information. Who cares who sent it? Not the receiver.
Well, after reading through their site, I have a few concers. Tracing UDP might require some more statistical software than tcpdump, but it's certainly doable. Now, if they went as far as actually spoof the sending address on those UDP's, that might work.
Still, an UDP based network requires known servers or points of contact. Even if those change, they're still targets that can be traced and attacked. ES5 is a step in the right direction towards anonymous file sharing, but it's not quite there yet.
It's a lot more explosive than gasoline. If you want to store sizeable quantities you also need to store it in liquid form, which means it's under high pressure, as well.
If this is supposed to cure MS Windows of blaster and it's friends, it's sort of a dead end. As part of the worm payload, a hacker would just subvert the windowsupdate IP resolving; an entry in HOSTS would do just fine. Or patching the windows update software itself so it connects to a site of the hackers choosing.
on this thing is that the root of the situation is the hardware cost. PC's are cheap, so most people get them, and therefore most people are comfortable with PCs and know them.
I think that is why companies (who are staffed and run by the same people) prefer PCs to Macs. They're a known quantity.
The same story with Windows versus MacOS and Linux. It's well known and people feel comfortable with it, so it gets used. Even in the face of ludicrous support costs, rampaging virii and gaping security holes.
Slashdot Mirror
This debate about Open Source software is healthy and beneficial. It offers long-term benefits to the industry by addressing a new business model in advance of wide-scale adoption by customers. But in the last week of August two developments occurred that adversely affect the long-term credibility of the Open Source community, with the general public and with customers.
The first development followed another series of Denial of Service (DDoS) attacks on SCO, which took place two weeks ago. These were the second and third such attacks in four months and have prevented Web users from accessing our web site and doing business with SCO. There is no question about the affiliation of the attacker - Open Source leader Eric Raymond was quoted as saying that he was contacted by the perpetrator and that "he's one of us." To Mr Raymond's partial credit, he asked the attacker to stop. However, he has yet to disclose the identity of the perpetrator so that justice can be done.
No one can tolerate DDoS attacks and other kinds of attacks in this Information Age economy that relies so heavily on the Internet. Mr Raymond and the entire Open Source community need to aggressively help the industry police these types of crimes. If they fail to do so it casts a shadow over the entire Open Source movement and raises questions about whether Open Source is ready to take a central role in business computing. We cannot have a situation in which companies fear they may be next to suffer computer attacks if they take a business or legal position that angers the Open Source community. Until these illegal attacks are brought under control, enterprise customers and mainstream society will become increasingly alienated from anyone associated with this type of behavior.
The second development was an admission by Open Source leader Bruce Perens that UNIX System V code (owned by SCO) is, in fact, in Linux, and it shouldn't be there. Mr Perens stated that there is "an error in the Linux developer's process" which allowed Unix System V code that "didn't belong in Linux" to end up in the Linux kernel (source: ComputerWire, August 25, 2003). Mr Perens continued with a string of arguments to justify the "error in the Linux developer's process." However, nothing can change the fact that a Linux developer on the payroll of Silicon Graphics stripped copyright attributions from copyrighted System V code that was licensed to Silicon Graphics under strict conditions of use, and then contributed that source code to Linux as though it was clean code owned and controlled by SGI. This is a clear violation of SGI's contract and copyright obligations to SCO. We are currently working to try and resolve these issues with SGI.
This improper contribution of Unix code by SGI into Linux is one small example that reveals fundamental structural flaws in the Linux development process. In fact, this issue goes to the very heart of whether Open Source can be trusted as a development model for enterprise computing software. The intellectual property roots of Linux are obviously flawed at a systemic level under the current model. To date, we claim that more than one million lines of Unix System V protected code have been contributed to Linux through this model. The flaws inherent in the Linux process must be openly addressed and fixed.
At a minimum, IP sources should be checked to assure that copyright
Why is being able to use the brand spanking new version of MS Office so damned important? I would think that OpenOffice would have 99.9% of the functionality that 99.9% of the users require by now.
Looking down on that NASA impact calc table, I find that in 2078 the calculated distance from the predicted orbit to the earth is 0.11 earth diameters. That doesn't sound too good to me. Sure, it's difficult to predict so far into the future, but perhaps it's a good idea to nip this one in the bud, before our grandchildren gets it in the face. (Repost non-anonymously. Duh. Forgot to log in.)
I'm getting a measly 26kb/s off bittorrent. I thought it was supposed to be fast? I'm on a 10Mbit line, so it ain't my pipe that's slow. Will it speed up when more people start downloading?
When the machine works with 0 ... 1, and all values in between are possible, then we'll be a lot closer to how our brains work, and neural networks in general. Of course, getting 2 + 2 equal 4 every time might not be a given.
Not that many will read this so far after the news release, but for myself, I'd be willing to filter incoming smtp based on host OS. OpenBSD 3.4 pf will do this.
"Hot spot" -- a place where the radiation level is high. Oh I know, nothing has been proved, but then, smoking was harmless for decades, too.
Add to this the significant (sometimes huge) cultural differences between EU nations, and you'll soon come to the conclusion that a superstate is the dream of powerhungry politicians, not the people who happens to live in europe.
Sure, but in this case you wouldn't actually be selling the pot, just telling the cop that you do. If he searched you, you wouldn't have either oregano or pot. I don't think making the statement "I drove 280 mph through a kindergarden" will allow the law to put you in jail for reckless driving.
If there was a program available that did all the motions of sharing copyrighted material without actually doing so, and people started using it, RIAA and theirs friends would have a fair bit of work to do in order to prove what was used -- Kazaa et.al or their faking counterparts.
So spoofing the sender just means that you have to tag the packages with content information. Who cares who sent it? Not the receiver.
I can't wait to see what that skeleton that hangs in the biology class lab looked like when it was alive!
Still, an UDP based network requires known servers or points of contact. Even if those change, they're still targets that can be traced and attacked. ES5 is a step in the right direction towards anonymous file sharing, but it's not quite there yet.
It's a lot more explosive than gasoline. If you want to store sizeable quantities you also need to store it in liquid form, which means it's under high pressure, as well.
If this is supposed to cure MS Windows of blaster and it's friends, it's sort of a dead end. As part of the worm payload, a hacker would just subvert the windowsupdate IP resolving; an entry in HOSTS would do just fine. Or patching the windows update software itself so it connects to a site of the hackers choosing.
on this thing is that the root of the situation is the hardware cost. PC's are cheap, so most people get them, and therefore most people are comfortable with PCs and know them. I think that is why companies (who are staffed and run by the same people) prefer PCs to Macs. They're a known quantity. The same story with Windows versus MacOS and Linux. It's well known and people feel comfortable with it, so it gets used. Even in the face of ludicrous support costs, rampaging virii and gaping security holes.