> Theo de Raadt: I have been the project leader for OpenBSD now for more than 10 years, and along the way I have had some good adventures with the developers in the group. We've developed some side projects as well, which are heavily used by everyone in the Unix world, such as OpenSSH.
Ooops. Funny how he managed to file off that it's a fork from the ssh.com work, not an OpenBSD development. And he consistently does this. He even files off how much of the work that got it accepted worldwide is the porting process from OpenSSH verson X.Y to the more portably implemented OpenSSH X.Yp1, and *THAT* is what has helped make it more usable worldwide.
Theo consistently sidesteps development by other people that make his project's work more usable or accessible. It's a big problem with OpenBSD, because it ticks off the developers and discourages them from cooperation with OpenBSD's often technically cleaner approaches.
No, but they're sending a note down from the mountain saying "there's no snow left up here, share that river water nicely". And "you, the punk who just leaves the tub running all night to see the pretty water flow down the drain: turn it off".
The worst abusers are downloading and stashing complete libraries, far more material than they ever hope to or intend to use themselves. And only a few such users can overwhelm any reasonable upstream connectivity: they throttle any upstream chokepoints, unless you throttle them youself nearer to their system. And ye gods, do they whine about interfering in their freedom, even when you point out to them right in their contract or their housing agreement where it has the bandwidth limits.
If you have a chance, go visit a college or an ISP and get a set of MRTG diagrams of their bandiwdth. A small set of users is consistently pulling, or sharing, one hell of a lot of data, and it's seriously raising the minimum infrastructure needed for more episodic uses, such as gaming or web page downloading or even casual YouTube access. The only ways to deal are to spend a lot of money on hardware, and raise prices with it, or to throttle those users.
Great, let's fill all available bandwidth in your neighborhood with multicast spew for material no one wants.
I don't think so. Keep it on request only.
You've a point, but the blockages of Usenet are identifiable. Cancel records and rmgroup messages are preserved, the newsgroups have well-defined local local expiration times and policies. The available Bittorrent sites have no such clear policy, except perhaps PiratesBay, which apparently never expires anything and is thus so filled with unavailable crap that it's nearly useless, even for legal content.
You seem to misunderstand. Profit is not the same thing as minimum cost per customer. Profit is a function of the total money coming in, minus the total costs. A few modest bandwidth pigs out of a thousand customers is not worth putting the filters and wasting time arguing with customers of cancelling their accounts, until or unless they use so much bandwidth that it's quite significant. It's not worth pursuing.
It only takes a few punks with external USB drives to saturate a neighborhood's entire uplink and much of their downlink bandwidth, especially in a neighborhood with fiber optic to the household. And those fools are worth the effort cutting off to protect the rest of your customer base. I've certainly seen it in households where people are downloading pirate videos all the time, and burning them to send to friends, and their housemates wonder why they can't access YouTube very well.
What *ARE* you talking about? Stallman goes regularly to press conferences, software conferences, and developoer's meetings worldwide. He's quite approachable, and while his reasoning is often odd, it's consistent and founded in real facts and political history. Richard's motives are clear as day. He's a moralist, and a purist, and consistent about his morals.
It's oddly refreshing if you can get past his hair and his fashion sense.
Excuse me, but GPL is quite licensable in commercial software. I write such software on a regular basis. It's the ability to take it closed source and without freedom to modify or fork that GPL blocks, and BSD protects. It's a freedom I'm generally happy to do without. Forks are handy and save me quite a lot of development time.
The classic example of such a fork is OpenSSH, forked from the original SSH while it was still open source. Theo, in fact, tries to take credit for OpenSSH, which remains a pretty funny joke if you know the timeline and the history. Imagine the pain in the neck maintaining compatibiloity if one fork went closed source and went on its own merry way.
Oh, wait. ssh.coom did that, and the OpenSSH developers have been playing catch-up on usable features ever since.
Please do not wave the "no extra cost" flag for technologies that require management, software, and hardware to implement. Such modulation occurs now as a part of basic load balancing, and to throttle traffic away from segments that are due for repair to avoid service interruptions. But it's not cheap to manage, and the routers or gateways capable of doing it well are not cheap.
No, I'm afraid it's not reliable for most material, because there is no assurance of available seeds. With Usenet, there are at least some well defined distribution and caching policies that assure the material being available for a reasonable time.
Go to many of the Bittorrent repositories, and they list a huge percentage of their torrents that simply aren't available and will never be available again. A distributed set of master torrent seeding sites could address this, which is where an NNTP like distribution protocol could be handy.
ISP's, especially backbone network providers, do routing table falsification as a matter of course. It discourages traffic from flowing across their expensive neighbors' fast network and keep it within their own slower but cheaper network. In fact, accurate routing maps are expensive and proprietary information for companies like Akamai, that do their own network probing and sell the data to customers, cheerfully ignoring these manipulations because they actually measure ping times.
This is not true. As long as unlocking the DRM is based on a provider published, local user key that is not easily transferred, the content delivery mechanism is a separate issue from accessing the contents. This is fundamental to public/private key authentication, and to public/private key encryption.
Take a good look at the insanities Windows Media Player does for DRM. Most of the work is already done: it's the business models that don't yet support it, not a lack of DRM-based software.
Are you under the impression that the emulator can wave a magic wand and have the commercial game software not do the savegame verification? That seems incredibly unlikely, if any components of the savegame authentication are built into the game software itself.
No, the most worrying for Nintendo is successful emulators that can run on non-Nintendo hardware. By locking down the savefiles, they retain control over savefiles, and over the ability of emulators to successfully save at all.
I've used bittorrent effectively inside a corporate firewall for transmitting DVD images, especially because HTTP and FTP couldn't handle files larger than 2 Gigabyte easily. The security models aren't built in: authentication of the content remains a separate step. But transmitting DRM enabled files, such as Windows Media files for the BBC's well-publicized Iplayer project, seems a natural approach and would help prevent fakery of the files. (That's a big problem for PiratesBay and other Bittorrent sites.)
P2P works well for video right now, but as traffic increases, the bandwidth needs to be paid for. Expect the infrastructure needed to cost serious money to the ISP's, who don't want to spend the money for it without getting paid directly.
P2P doesn't work well for DRM, for preventing people from accessing material without formal permission from the owner. This is the big problem for video content providers: the tools haven't been properly made or widely published to authenticate and restrict P2P content, so the video companies can continue with their current business models. So they're coming up with a lot of half-assed, ill thought out plans. For an example of this, go take a look at the Iplayer project by the BBC: it's wedded directly to Windows Media Player, which can't be played on anything but Windows, so they're in direct violation of their own governmental policies doing so.
It's an interesting point, but not as obvious as one might think by applying metaphors. Paper is not a molecule. It's made up of molecules: one needn't change a single molecule of the papre to cut it.
And you can't assume that because you did not apply chemicals you did not get a chemical interaction. I see your point, but don't think I agree with it.
For the same reason email spammers operate: the cost of their advertising is quite low, and the rewards are enough to make them think it's worth continuing to advertise.
This is why so many spammers and so many exciting web pop-up ads are fraudulent or at least wildly misleading. Such investments in advertising cost less if you don't have a legitimate product and don't have to do anything about customer complaints.
I predict that if the One Laptop Per Child project can ever get going properly, that we're going to see a huge number of them used as plug-in terminals to avoid exactly this sort of monitoring.
A polite heads-up with a pointer to the actual copyrights can be handy. Saying "I'd be interested in the use of it for this particular project, but not having access to the [GPL/BSD/Apache/whatever] licensed source precludes me from doing so, because it's hard to know what other copyrights you might be violating if you're being this obviously careless" might also help.
There's nothing to argue about: from http://www.linux.com/feature/53004:
> Theo de Raadt: I have been the project leader for OpenBSD now for more than 10 years, and along the way I have had some good adventures with the developers in the group. We've developed some side projects as well, which are heavily used by everyone in the Unix world, such as OpenSSH.
Ooops. Funny how he managed to file off that it's a fork from the ssh.com work, not an OpenBSD development. And he consistently does this. He even files off how much of the work that got it accepted worldwide is the porting process from OpenSSH verson X.Y to the more portably implemented OpenSSH X.Yp1, and *THAT* is what has helped make it more usable worldwide.
Theo consistently sidesteps development by other people that make his project's work more usable or accessible. It's a big problem with OpenBSD, because it ticks off the developers and discourages them from cooperation with OpenBSD's often technically cleaner approaches.
No, but they're sending a note down from the mountain saying "there's no snow left up here, share that river water nicely". And "you, the punk who just leaves the tub running all night to see the pretty water flow down the drain: turn it off".
The worst abusers are downloading and stashing complete libraries, far more material than they ever hope to or intend to use themselves. And only a few such users can overwhelm any reasonable upstream connectivity: they throttle any upstream chokepoints, unless you throttle them youself nearer to their system. And ye gods, do they whine about interfering in their freedom, even when you point out to them right in their contract or their housing agreement where it has the bandwidth limits.
If you have a chance, go visit a college or an ISP and get a set of MRTG diagrams of their bandiwdth. A small set of users is consistently pulling, or sharing, one hell of a lot of data, and it's seriously raising the minimum infrastructure needed for more episodic uses, such as gaming or web page downloading or even casual YouTube access. The only ways to deal are to spend a lot of money on hardware, and raise prices with it, or to throttle those users.
Great, let's fill all available bandwidth in your neighborhood with multicast spew for material no one wants. I don't think so. Keep it on request only.
You've a point, but the blockages of Usenet are identifiable. Cancel records and rmgroup messages are preserved, the newsgroups have well-defined local local expiration times and policies. The available Bittorrent sites have no such clear policy, except perhaps PiratesBay, which apparently never expires anything and is thus so filled with unavailable crap that it's nearly useless, even for legal content.
You seem to misunderstand. Profit is not the same thing as minimum cost per customer. Profit is a function of the total money coming in, minus the total costs. A few modest bandwidth pigs out of a thousand customers is not worth putting the filters and wasting time arguing with customers of cancelling their accounts, until or unless they use so much bandwidth that it's quite significant. It's not worth pursuing.
It only takes a few punks with external USB drives to saturate a neighborhood's entire uplink and much of their downlink bandwidth, especially in a neighborhood with fiber optic to the household. And those fools are worth the effort cutting off to protect the rest of your customer base. I've certainly seen it in households where people are downloading pirate videos all the time, and burning them to send to friends, and their housemates wonder why they can't access YouTube very well.
What *ARE* you talking about? Stallman goes regularly to press conferences, software conferences, and developoer's meetings worldwide. He's quite approachable, and while his reasoning is often odd, it's consistent and founded in real facts and political history. Richard's motives are clear as day. He's a moralist, and a purist, and consistent about his morals.
It's oddly refreshing if you can get past his hair and his fashion sense.
Excuse me, but GPL is quite licensable in commercial software. I write such software on a regular basis. It's the ability to take it closed source and without freedom to modify or fork that GPL blocks, and BSD protects. It's a freedom I'm generally happy to do without. Forks are handy and save me quite a lot of development time.
The classic example of such a fork is OpenSSH, forked from the original SSH while it was still open source. Theo, in fact, tries to take credit for OpenSSH, which remains a pretty funny joke if you know the timeline and the history. Imagine the pain in the neck maintaining compatibiloity if one fork went closed source and went on its own merry way.
Oh, wait. ssh.coom did that, and the OpenSSH developers have been playing catch-up on usable features ever since.
Please do not wave the "no extra cost" flag for technologies that require management, software, and hardware to implement. Such modulation occurs now as a part of basic load balancing, and to throttle traffic away from segments that are due for repair to avoid service interruptions. But it's not cheap to manage, and the routers or gateways capable of doing it well are not cheap.
No, I'm afraid it's not reliable for most material, because there is no assurance of available seeds. With Usenet, there are at least some well defined distribution and caching policies that assure the material being available for a reasonable time.
Go to many of the Bittorrent repositories, and they list a huge percentage of their torrents that simply aren't available and will never be available again. A distributed set of master torrent seeding sites could address this, which is where an NNTP like distribution protocol could be handy.
ISP's, especially backbone network providers, do routing table falsification as a matter of course. It discourages traffic from flowing across their expensive neighbors' fast network and keep it within their own slower but cheaper network. In fact, accurate routing maps are expensive and proprietary information for companies like Akamai, that do their own network probing and sell the data to customers, cheerfully ignoring these manipulations because they actually measure ping times.
Unlike Usenet, there's no reliability that any of the content will be available in the current models.
An NNTP->Bittorrent seeding site would be a fascinating mix of venues to use.
This is not true. As long as unlocking the DRM is based on a provider published, local user key that is not easily transferred, the content delivery mechanism is a separate issue from accessing the contents. This is fundamental to public/private key authentication, and to public/private key encryption.
Take a good look at the insanities Windows Media Player does for DRM. Most of the work is already done: it's the business models that don't yet support it, not a lack of DRM-based software.
Are you under the impression that the emulator can wave a magic wand and have the commercial game software not do the savegame verification? That seems incredibly unlikely, if any components of the savegame authentication are built into the game software itself.
No, the most worrying for Nintendo is successful emulators that can run on non-Nintendo hardware. By locking down the savefiles, they retain control over savefiles, and over the ability of emulators to successfully save at all.
I've used bittorrent effectively inside a corporate firewall for transmitting DVD images, especially because HTTP and FTP couldn't handle files larger than 2 Gigabyte easily. The security models aren't built in: authentication of the content remains a separate step. But transmitting DRM enabled files, such as Windows Media files for the BBC's well-publicized Iplayer project, seems a natural approach and would help prevent fakery of the files. (That's a big problem for PiratesBay and other Bittorrent sites.)
P2P works well for video right now, but as traffic increases, the bandwidth needs to be paid for. Expect the infrastructure needed to cost serious money to the ISP's, who don't want to spend the money for it without getting paid directly.
P2P doesn't work well for DRM, for preventing people from accessing material without formal permission from the owner. This is the big problem for video content providers: the tools haven't been properly made or widely published to authenticate and restrict P2P content, so the video companies can continue with their current business models. So they're coming up with a lot of half-assed, ill thought out plans. For an example of this, go take a look at the Iplayer project by the BBC: it's wedded directly to Windows Media Player, which can't be played on anything but Windows, so they're in direct violation of their own governmental policies doing so.
Or boot with Linux live CD, back up the immaculate installation to another medium, then use that to restore the system if necessary.
It's an interesting point, but not as obvious as one might think by applying metaphors. Paper is not a molecule. It's made up of molecules: one needn't change a single molecule of the papre to cut it.
And you can't assume that because you did not apply chemicals you did not get a chemical interaction. I see your point, but don't think I agree with it.
Or that runs Dick Cheney's laptop.
So if you just shut up and and ignore it, it's not so bad when someone steals your wallet or their dog pees in your shoes at the beach?
For the same reason email spammers operate: the cost of their advertising is quite low, and the rewards are enough to make them think it's worth continuing to advertise.
This is why so many spammers and so many exciting web pop-up ads are fraudulent or at least wildly misleading. Such investments in advertising cost less if you don't have a legitimate product and don't have to do anything about customer complaints.
I predict that if the One Laptop Per Child project can ever get going properly, that we're going to see a huge number of them used as plug-in terminals to avoid exactly this sort of monitoring.
It certainly happened to SSH years ago, long before slashdot. Heck, it's how the gcc and the the GPL and the FSF started.
A polite heads-up with a pointer to the actual copyrights can be handy. Saying "I'd be interested in the use of it for this particular project, but not having access to the [GPL/BSD/Apache/whatever] licensed source precludes me from doing so, because it's hard to know what other copyrights you might be violating if you're being this obviously careless" might also help.
If you can manage it, a senior NSA agent's car would be ideal. Or a federal judge could also be fun.