But he said it was five years of hard work by *geeks*.
No, he said geeks, hackers and techno-whizzes. What makes you think geeks, hackers and techno-whizzes can only create software?
base64+xor67 is pretty freakin easy.
Yes it is. And the thing you are holding in your hand to scan barcodes isn't just "base64+xor67". It's an actual product that gets mass produced for a relative low cost. Somewhere, deep down, it does "base64+xor67". But there's more than "base64+xor67" to make an actual scannar.
Really? Are you suggesting that Digital:Convergence first developed and produced the hardware, and only then started thinking about the software? Come on. I quote:
This IS NOT ABOUT stopping hackers, but trying to get the "hackers" and such to WORK
WITH US AND NOT EXPOSE US and destroy over 5 years of hard work by a group of "geeks, hackers and techno-whizzes" like each
of you!
What makes you think that that implies 5 years of work to develop just the software? While I have my doubts about the 5 years, I do believe the entire product is meant here. From the first idea all the way to development of hardware and software, production up to the point it was available to the public.
Compare apples to apples
Indeed. Comparing the time between reverse enginering some software and developing a product is comparing apples to oranges.
They're saying it took them five years of hard work, when the Open Source hackers did it in what, a few days, weeks?
Excuse me, but all the Open Source hackers did was copying some software. They didn't come up with the idea, they didn't develop the hardware, they didn't design the production process, they didn't design the software, they didn't do the marketing, they didn't develop the distribution process. All they did was reverse engineering someone elses work and creative ideas. Timescales cannot be compared.
This [Perls use of braces//A] naturally
leads to errors where the indentation (highly visible) is correct but a brace is missing or extra. Python lets the visible
thing (indentation) take on the syntactic role.
It isn't very easy to miss a brace - if you miss a brace, the code is unlikely to compile. Of course, you might misplace a brace, but you might as easily misplace whitespace. And given that people tend to indent their code, in Perl you would actually have to misindent *and* misplace the brace to make an error that isn't bloody obvious from staring at the code 40 feet away. So.... you might as well say that in Perl, the purpose of the braces is to see whether you indented right.;-)
Last time I checked, Python's regular expressions were inferior to Perl's in speed, ease of notation, and
power/comprehensiveness.
It has been a while ago that Python copied Perl's regexes, so the ease of notation argument doesn't hold. Nor does the power/comprehensiveness argument.
I program a lot in Perl and never in Python.
From the code I often see, I would say than more than half of the people programming in Perl would have been better off if they never had programmed in Perl but used Python instead.
If someone is willing to work for $2, why should the government tell them that they can't?
Most certainly. Perhaps you are indendently
wealthy, and just like the job. You take the job,
meaning that someone who does need the minimum
wage to feed her kids is out of a job.
Minimum wage isn't there just to protect the one employee. Is there to protect everyone. (Oh, and not umimportant, a wage of $2/hour brings in less taxes than a wage of $20/hour).
If you still think that there should be a minimum wage law, then why doesn't it apply to volunteerism?
Voluteerism is usually for charities and non-profit organizations, not for coorperations. AOL isn't a charity. And a church isn't a coorperation.
Can anybody tell me what the real commercial incentive is to run Linux on bigger systems? I'm just curious that's all. Perhaps
I'm missing something here (almost certainly I'm sure).
It's a research project. Maybe there's a commercial incentive to run Linux on bigger systems. Maybe there isn't. You have to try and find out. And to try, you first have to get Linux to run on bigger systems. That's what they've done - running Linux on a small bigger system. (And that's all the information the article gives - they've booted in on a 32 CPU machine, it didn't say anything about performance)
If your project is purely open-source, then involve the
community in it and release as soon as you have something that compiles. Involvement of the community is always beneficial
to an open-source project.
Not every open-source project needs to be made for "the community". Open source just means source is
available - but that does not mean the project is
for the benefit of "the community" (whatever "the community" is). You could write a brokerage system, that allows people to do daytrading over the web, and open source it. But Joe R Hacker isn't a broker, and doesn't have a man on the trading floor, and hence will have little use for it.
Furthermore, if you are a decent software company, you really don't want a gazillion people submitting bug reports for alpha software. You will get lots of crap reports, you will get lots of duplicate bugs reports, and assuming you are still doing development, most of the non-duplicated reports that aren't crap, are about bugs you already fixed.
I'd be weary of companies who embrace "release early, release often" because it helps them make a better product. It means something is wrong in their own development and testing departments.
I don't know why you generalize so much. There are big corporation that wouldn't dream to release something that isn't properly tested, and there are large free software projects that release often, but still ship buggy products as "stable".
Look at Perl 5.6.0 for instance.
I wouldn't mind copyright laws so much if they were reasonable
I find copyright law one of the most reasonable laws outthere; not in the least because the basis is the same almost anywhere.
How about reducing copyright to the origional term of 14-28 years?
So.... in 2005, 14 years after Linus laid the foundation for Linux, Microsoft can take the code and incorperate it in their software? And already do that with many of the GNU tools out there? Is that what you are suggesting?
Why *can't* we create a montage of planet of the apes and the origional startrek?
For the same reason Microsoft can't take GNU code and add it to their code base.
Our culture is held hostage to 75 year copyrights.
That's 75 years after the death of the author. It will be interesting to see what happens at the end of the next century with GNU code which had many authors.
Scope of copying is crucial in the case of the RIAA. Read the document.
Actually, it is stepping on my legal right to make non-commercial copies of things I own. It also is legal to make tapes of music you own and give it to someone else, as long as you do not sell it, or know that it will be used commercially. Otherwise, you couldn't tape a TV program.
Amazingly, the document discusses this, and points to prior ruling. Yes, it is legal to make copies, for use in your household and your usual circle of friends, as long as you don't charge admission. However, sharing with many strangers does not fall in that category, and is commercial. It is commercial because the person you are sharing with now does not have to buy a CD to get the same music. Please read the document for more details and references.
I'm concerned about the attempt to create a precedent that digital copying per se is illegal.
Create a precedent? Digital copying has been around for a while. From xerox machines via computer games to bootlegged recordings. (And whether copying is digital or analog is totally irrelevant).
er, and just exactly how would they go about doing such a thing? nothing differentiates a copyrighted string of bytes from a non-copyrighted string of bytes.
If you had read the document, than you would have known. The RIAA spells out what they find an acceptable solution of doing this. (It basically boils down to: just keep track of the works you have permission for (and that's how the basis of copyright works anyway: you can't copy unless you have permission))
And programmers want people to use their code. That however doesn't mean that artists and programmers don't have to pay rent, don't have to buy food, and don't have to support their children.
But bits? No cost there, other a few seconds of server time.
That reasoning is flawed on two accounts. First, the costs involved in making a CD are very much higher than the $20 or $30 you pay in the store. While the additional cost of copying a CD is a lot less, the total price of recording, producing and promoting is shared by all the buyers of the CDs.
Secondly, there is nothing wrong with trying to make more money. Most programmers would rather be paid $100k/year than $30k/year, all other things equal. Artists in general would also rather have a higher income than a lower income. Artists can increase their income by making more sales. Even if copying a CD costs 0 cents, and it's done by the storeowner, who works for free, such that there are no distribution costs, not making the sale lowers the income of the artist.
I would rather have everyone know about a buffer overflow problem in sendmail or a DNS exploit than only the black hats.
Let's see. You know about a problem in buffer overflow problem in sendmail. You have two options: public disclosure, or no public disclosure. According to you, there are two outcomes: everyone knows, or only the black hats know. Since with public disclosure, everyone knows, the no public disclosure leads to only black hats knowing. Ergo, you must be a black hat, and even more, anyone you tell it to has to be a black hat too. Including (gasp) the people maintaining sendmail and CERT. (Or perhaps you wouldn't tell them and willingly restrict yourself to black hats.)
Of course, if you aren't a black hat, your reasoning must be flawed. (And I think it is. There *is* something between everyone and only the black hats. But I leave that to you to figure out.)
How long do you think MS or some engineer that worked for them knew something like Melissa or ILOVEYOU was possible but didn't bother to fix it until it happened.
Ah, I guess you believe that sendmail is maintained by people using the same policies as MS. Just like everyone else...
If the cost of forcing the corporate world to Get A Clue, and to employ some righteously clueful admins, is inflicting them with a plague of Script Kiddiez, then that's the price we're going to have to pay until we get it sorted. Nothing else seems to have woken them up.
And I guess shooting you is OK so it forces you to Get A Clue and wear a bullet proof jacket?
Crime is crime, and no excuse in the form of "it's only done to show that you haven't spend countless hours and gazillions of bucks securing yourself". It doesn't hold in court for theft, rape or murder. Why on earth should computer crime be an exception?
Hmmm, and I guess gangs should get medals because of their shootings we get better gun control laws? Rapist should be honoured, because they show women it's unsafe out there? And the guy who breaks your skull should be rewarded because he showed you how stupid you were for not wearing a helmet?
You cannot excuse a crime as "it's only done to show crime prevention hasn't turned us into a police state yet".
Would you feel more secure if the sites that kept your credit card info (as an example) didn't have to constantly worry about plugging every little hole that a script kiddie is going to use?
Well, yes, just I feel more secure in my grandmothers small village where I can leave the doors unlocked and my unlocked bike won't get stolen than in the big city where I need multiple locks and a chain on my door in my guarded apartment complex.
The absence of crime is much better than any measurement trying to prevent it.
What's best for PEOPLE - not best for faceless corporate entities, governments,
Faceless corporate entities pay people. Directly and indirectly. A financial loss for a corporate entity has to be filled somehow. Less raises, no bonusses, lay-offs, no new hires, increased prices are all possible.
Say, I have this tool that can crash every Cisco router made since 1998. Do you believe me without proof?
Does it matter whether *I* believe it? For Cisco routers, it matters that *Cisco* believes it, and that *Cisco* fixes it. Instead of disclosing to the public how to crash every Cisco router, you would be doing the public a much bigger service if you informed Cisco and CERT. No matter how responsive Cisco is, it is going to take a while before a fix is created, tested, distributed and installed. Full disclosure not necessary speeds up that process, but it can result in lots of damage done by people exploiting the hole.
And just because someone with evil intent may find the hole as well, it isn't a reason to hand it them on a silver platter.
there is *no* good reason for routing somebody else's IPs, right?
But that's the basis of the Internet. Granted, if your router is a gateway to a network, and it's the only gateway into that network, there's no reason to. If every router said "hmmm, neither the source, nor the destination is in our network, let's drop it", the internet becomes a lot less reliable, and links and hops going down will have a much bigger impact. Not to mention that if your ISP doesn't directly peer with whoever is hosting slashdot, you won't be able to visit slashdot. (yes, I realize that things are a lot more complicated than that - but that's why a simplistic "there is *no* good reason for routing somebody else's IPs" isn't going to work.)
I do agree with the other good points of the posting though.
For these people, any loss of anonymity (such as a "where did these packet originate" solution) means a serious risk to their lives, while their activity is not at all illegal - it's perfectly ordinary scientific research.
To perform any meaningful communication, one has to know where a packet came from, otherwise, one cannot reply. Any valid TCP/IP connection is one where both ends know the address of the other end. I cannot see why your students need to send out untraceble IP packets - there's no service that works that way. As for an anonymous high level protocol, like mail, your implemented solution isn't effected by it. Currently, the receiver of the anonymized mail already has to know the address of your remailer - otherwise you won't be able to build an SMTP connection. But that's where it stops - and that's where itrace would stop as well, as that's the end-to-end connection being made.
That doesn't cut it. You can't copy books and distribute the copies and get away with it because you won't copy books that have "X-NO-ARCHIVE: YES" written in crayon on the cover.
Whether Usenet archives are violating copyright or not, I don't know. (I hope they aren't, but I can see the reservations people have), but the respecting an opt-out header isn't going to cut it. One does not have to defend a copyright. If you want to legalize it with headers, only opt-in headers will do.
Slashdot Mirror
No, he said geeks, hackers and techno-whizzes. What makes you think geeks, hackers and techno-whizzes can only create software?
base64+xor67 is pretty freakin easy.
Yes it is. And the thing you are holding in your hand to scan barcodes isn't just "base64+xor67". It's an actual product that gets mass produced for a relative low cost. Somewhere, deep down, it does "base64+xor67". But there's more than "base64+xor67" to make an actual scannar.
-- Abigail
Really? Are you suggesting that Digital:Convergence first developed and produced the hardware, and only then started thinking about the software? Come on. I quote:
What makes you think that that implies 5 years of work to develop just the software? While I have my doubts about the 5 years, I do believe the entire product is meant here. From the first idea all the way to development of hardware and software, production up to the point it was available to the public.Compare apples to apples
Indeed. Comparing the time between reverse enginering some software and developing a product is comparing apples to oranges.
-- Abigail
Excuse me, but all the Open Source hackers did was copying some software. They didn't come up with the idea, they didn't develop the hardware, they didn't design the production process, they didn't design the software, they didn't do the marketing, they didn't develop the distribution process. All they did was reverse engineering someone elses work and creative ideas. Timescales cannot be compared.
--Abigail
perl -wne '$_ {$_}++; END {print "$_{$_}: $_" for sort keys %_}'
And you are right. You only have to add a tiny bit of code to do it for each word.
perl -nalwe '$_ {$_} ++ for @F; END {print "$_{$_}: $_" for sort keys %_}'
-- Abigail
It's the bunch of freaks and geeks meeting at Larry's for tea every Tuesday afternoon.
what is perlbug
That's the Beetle (with flower power decorations) donated to Larry by a certain German car maker.
how to pronounce my name
That's easy. It's Finnish, so you just have to pronounce it the way it's written.
-- Abigail
It isn't very easy to miss a brace - if you miss a brace, the code is unlikely to compile. Of course, you might misplace a brace, but you might as easily misplace whitespace. And given that people tend to indent their code, in Perl you would actually have to misindent *and* misplace the brace to make an error that isn't bloody obvious from staring at the code 40 feet away. So.... you might as well say that in Perl, the purpose of the braces is to see whether you indented right. ;-)
Last time I checked, Python's regular expressions were inferior to Perl's in speed, ease of notation, and power/comprehensiveness.
It has been a while ago that Python copied Perl's regexes, so the ease of notation argument doesn't hold. Nor does the power/comprehensiveness argument.
I program a lot in Perl and never in Python.
From the code I often see, I would say than more than half of the people programming in Perl would have been better off if they never had programmed in Perl but used Python instead.
-- Abigail
Most certainly. Perhaps you are indendently wealthy, and just like the job. You take the job, meaning that someone who does need the minimum wage to feed her kids is out of a job.
Minimum wage isn't there just to protect the one employee. Is there to protect everyone. (Oh, and not umimportant, a wage of $2/hour brings in less taxes than a wage of $20/hour).
If you still think that there should be a minimum wage law, then why doesn't it apply to volunteerism?
Voluteerism is usually for charities and non-profit organizations, not for coorperations. AOL isn't a charity. And a church isn't a coorperation.
-- Abigail
It's a research project. Maybe there's a commercial incentive to run Linux on bigger systems. Maybe there isn't. You have to try and find out. And to try, you first have to get Linux to run on bigger systems. That's what they've done - running Linux on a small bigger system. (And that's all the information the article gives - they've booted in on a 32 CPU machine, it didn't say anything about performance)
-- Abigail
Not every open-source project needs to be made for "the community". Open source just means source is available - but that does not mean the project is for the benefit of "the community" (whatever "the community" is). You could write a brokerage system, that allows people to do daytrading over the web, and open source it. But Joe R Hacker isn't a broker, and doesn't have a man on the trading floor, and hence will have little use for it.
Furthermore, if you are a decent software company, you really don't want a gazillion people submitting bug reports for alpha software. You will get lots of crap reports, you will get lots of duplicate bugs reports, and assuming you are still doing development, most of the non-duplicated reports that aren't crap, are about bugs you already fixed.
I'd be weary of companies who embrace "release early, release often" because it helps them make a better product. It means something is wrong in their own development and testing departments.
-- Abigail
-- Abigail
It looks like he added the numbers of Linux (aggr) and RedHat.
-- Abigail
I find copyright law one of the most reasonable laws outthere; not in the least because the basis is the same almost anywhere.
How about reducing copyright to the origional term of 14-28 years?
So.... in 2005, 14 years after Linus laid the foundation for Linux, Microsoft can take the code and incorperate it in their software? And already do that with many of the GNU tools out there? Is that what you are suggesting?
Why *can't* we create a montage of planet of the apes and the origional startrek?
For the same reason Microsoft can't take GNU code and add it to their code base.
Our culture is held hostage to 75 year copyrights.
That's 75 years after the death of the author. It will be interesting to see what happens at the end of the next century with GNU code which had many authors.
-- Abigail
Scope of copying is crucial in the case of the RIAA. Read the document.
Actually, it is stepping on my legal right to make non-commercial copies of things I own. It also is legal to make tapes of music you own and give it to someone else, as long as you do not sell it, or know that it will be used commercially. Otherwise, you couldn't tape a TV program.
Amazingly, the document discusses this, and points to prior ruling. Yes, it is legal to make copies, for use in your household and your usual circle of friends, as long as you don't charge admission. However, sharing with many strangers does not fall in that category, and is commercial. It is commercial because the person you are sharing with now does not have to buy a CD to get the same music. Please read the document for more details and references.
I'm concerned about the attempt to create a precedent that digital copying per se is illegal.
Create a precedent? Digital copying has been around for a while. From xerox machines via computer games to bootlegged recordings. (And whether copying is digital or analog is totally irrelevant).
-- Abigail
If you had read the document, than you would have known. The RIAA spells out what they find an acceptable solution of doing this. (It basically boils down to: just keep track of the works you have permission for (and that's how the basis of copyright works anyway: you can't copy unless you have permission))
-- Abigail
And programmers want people to use their code. That however doesn't mean that artists and programmers don't have to pay rent, don't have to buy food, and don't have to support their children.
Artists are people too.
-- Abigail
That reasoning is flawed on two accounts. First, the costs involved in making a CD are very much higher than the $20 or $30 you pay in the store. While the additional cost of copying a CD is a lot less, the total price of recording, producing and promoting is shared by all the buyers of the CDs.
Secondly, there is nothing wrong with trying to make more money. Most programmers would rather be paid $100k/year than $30k/year, all other things equal. Artists in general would also rather have a higher income than a lower income. Artists can increase their income by making more sales. Even if copying a CD costs 0 cents, and it's done by the storeowner, who works for free, such that there are no distribution costs, not making the sale lowers the income of the artist.
-- Abigail
Let's see. You know about a problem in buffer overflow problem in sendmail. You have two options: public disclosure, or no public disclosure. According to you, there are two outcomes: everyone knows, or only the black hats know. Since with public disclosure, everyone knows, the no public disclosure leads to only black hats knowing. Ergo, you must be a black hat, and even more, anyone you tell it to has to be a black hat too. Including (gasp) the people maintaining sendmail and CERT. (Or perhaps you wouldn't tell them and willingly restrict yourself to black hats.)
Of course, if you aren't a black hat, your reasoning must be flawed. (And I think it is. There *is* something between everyone and only the black hats. But I leave that to you to figure out.)
How long do you think MS or some engineer that worked for them knew something like Melissa or ILOVEYOU was possible but didn't bother to fix it until it happened.
Ah, I guess you believe that sendmail is maintained by people using the same policies as MS. Just like everyone else...
-- Abigail
And I guess shooting you is OK so it forces you to Get A Clue and wear a bullet proof jacket?
Crime is crime, and no excuse in the form of "it's only done to show that you haven't spend countless hours and gazillions of bucks securing yourself". It doesn't hold in court for theft, rape or murder. Why on earth should computer crime be an exception?
-- Abigail
You cannot excuse a crime as "it's only done to show crime prevention hasn't turned us into a police state yet".
-- Abigail
Well, yes, just I feel more secure in my grandmothers small village where I can leave the doors unlocked and my unlocked bike won't get stolen than in the big city where I need multiple locks and a chain on my door in my guarded apartment complex.
The absence of crime is much better than any measurement trying to prevent it.
-- Abigail
Faceless corporate entities pay people. Directly and indirectly. A financial loss for a corporate entity has to be filled somehow. Less raises, no bonusses, lay-offs, no new hires, increased prices are all possible.
-- Abigail
Does it matter whether *I* believe it? For Cisco routers, it matters that *Cisco* believes it, and that *Cisco* fixes it. Instead of disclosing to the public how to crash every Cisco router, you would be doing the public a much bigger service if you informed Cisco and CERT. No matter how responsive Cisco is, it is going to take a while before a fix is created, tested, distributed and installed. Full disclosure not necessary speeds up that process, but it can result in lots of damage done by people exploiting the hole.
And just because someone with evil intent may find the hole as well, it isn't a reason to hand it them on a silver platter.
-- Abigail
But that's the basis of the Internet. Granted, if your router is a gateway to a network, and it's the only gateway into that network, there's no reason to. If every router said "hmmm, neither the source, nor the destination is in our network, let's drop it", the internet becomes a lot less reliable, and links and hops going down will have a much bigger impact. Not to mention that if your ISP doesn't directly peer with whoever is hosting slashdot, you won't be able to visit slashdot. (yes, I realize that things are a lot more complicated than that - but that's why a simplistic "there is *no* good reason for routing somebody else's IPs" isn't going to work.)
I do agree with the other good points of the posting though.
-- Abigail
To perform any meaningful communication, one has to know where a packet came from, otherwise, one cannot reply. Any valid TCP/IP connection is one where both ends know the address of the other end. I cannot see why your students need to send out untraceble IP packets - there's no service that works that way. As for an anonymous high level protocol, like mail, your implemented solution isn't effected by it. Currently, the receiver of the anonymized mail already has to know the address of your remailer - otherwise you won't be able to build an SMTP connection. But that's where it stops - and that's where itrace would stop as well, as that's the end-to-end connection being made.
-- Abigail
That doesn't cut it. You can't copy books and distribute the copies and get away with it because you won't copy books that have "X-NO-ARCHIVE: YES" written in crayon on the cover.
Whether Usenet archives are violating copyright or not, I don't know. (I hope they aren't, but I can see the reservations people have), but the respecting an opt-out header isn't going to cut it. One does not have to defend a copyright. If you want to legalize it with headers, only opt-in headers will do.
-- Abigail