Agreed, this really isn't symbolic of capitalism at all. This is Apple sending Quark a message, no more, no less. And frankly, I'm glad.
Erm, huh. I'm glad, too.
But this is, exactly, Caplitalism at work. How do you "send a message" with providers you disagree with? Hopefully, you're like the rest of us, and encourage a different provider monetarily. That seems to be what Apple is doing.
I spent a couple of work-years living in Quark, and loved 3.1 to death. Times do change. Hell, I don't do graphic design very much any more.
I don't think it's out of line, or uniquely American, to fear the government entering into direct competition with known economic paradigms--and that's what we're talking about. When the US subsidizes a company, its intention is not to displace an entire sector with whatever it's ordered, ie. we take a bid for a jet, which is a standard product that can be produced by a number of US companies. The production of the jet hurts no other sector of industry.
I think you underestimate the US's will to tamper with "known economic paradigms". It you do a little looking around at what it has done in the past ten years to the aviation industry, it becomes very, very clear that there was an agenda mostly dictated by the USG that led to the huge mergers in that sector.There are differences of opinion as to why it was desirable to some in government, but nobody disputes that it happened. And yes, there were winners and losers (although who falls into which box is still being argued by some).
What I see to be the significant part of this is that the COTS (Commercial, off-the shelf) push many governments have had lately has, apparently, been sidelined as not the cheapest, best option, at least for DE.
Leveraging free code, and abiding by the legal restrictions on that code, seems to hit the sweet spot for them.
Looked at another way, Nobody present, I think, would be concerned if DE decided to contract out sewer control software and then open-source the result. On the contrary, there would be cheers. Never mind it would put a few people out of business.
Aside from magnititude, wherein lies the difference between the sewer system and groupware?
-j
despite other comments...
on
Radius w/ MySQL?
·
· Score: 4, Interesting
I did this at my last company with Oracle+openLDAP for > 1,000,000 users. Worked great, after some tuning. Which, admittedly, took some time. If that is an issue, don't be headstrong like I was and hire someone who knows how to do it the first time through, rather than learning as you go.
Doing things now at my current job (typically for much smaller user bases), I use postgres in place of Oracle, unless the client has a preference. It just works, it is fast, it doesn't chew off a limb when it has a problem. You can do more interesting queries if you need to. It is enterprise class, Mysql is not, yet. Sorry.
I wonder at all the people who have had endless problems with Open LDAP. If you read the docs, think about what they mean for your environment, and implement correctly, it works wonderfully, from stability to performance to features. Of course, lots of people have horror stories about Postgres, too, most of them illustrations of how not to run a real database. All I can say is these tools work for me and my clients.
My new company is currently about to close, I think, a deal to do what I described above for ~4M users. I'm entirely confident it will work, based on as close to empirical testing as we can emulate. The real world is always different, but that makes it fun. YMMV.
Speaking of distributions, which distribution is most popular among Linux users who migrated from BSD? Is it Slackware?
Speaking only for my self, Debian. I still run and recommend FreeBSD in server environments, but for my main machine (a Thinkpad), I finally got religion and am running Linux on it.
The Debian package manager is wonderful, and reminds me of the management BSD is famous for.
You fail to make sense.
How is it that wanting freedom as it was defined by the people who wrote our founding laws (as opposed to freedom(tm), a concept that continually proves itself flexible to a number of different viewpoints, so long as there are contributions behind them), an indicator for "undergraduate liberal because my daddy is republican"? Please, explain how the founding fathers were hippies that screwed everyone in sight, ate other deadhead's acid, and evaded MSG security so that they could Get Another Miracle.
-j, a cranky product of a small, liberal arts college that cost too much.to preserve
Sorry, you're just wrong. A one time pad is pure random data. One XORs the data with the message. It is mathematically impossible to decrypt without a copy of the data used, because every possible decryption is equally likely.
Code talkers were speaking a language. Speaking a language in no way can be compared to employing an OTP. Someone not knowing the language could have, in time, learned it through a variety of methods. They just got lucky that the Japanese didn't have time time or the will to do so.
The best way to encrypt communications would be to write a one-time pad [...] [maybe you e-mail from home it in the morning using PGP?].
That is moronic.
If you think you need the theoretically perfect security of a one time pad, why would you send it using PGP?
Of course the data security needs of wasting time gossiping with pals doesn't require OTP security. Hm, maybe bundle a couple of thoughts and send it out with PGP instead?
The reason that 3DES works is that DES is not a group. That's a mathematical notion. I cannot explain it here. Read up on the lit. (Schneier, Applied Crypto is a really good start.)
Basically, most dumb encryption methods are additive - you cannot expect that encrypting once, and then again with a different method means the attacker will need to reverse the process. Many times, it is simple to defeat both in the same process. CF, again, why DES is not a group.
There are many methods that are _not_ additive, and still are a group. That is, you're not saved by making sure you're not a conjuction of mathematical ejaculate.
My personal favorite post. Aside from the fact that the first paragraph ended up being extremely incorrect, I think Chuck got a lot of things right (Nevermind that he couldn't forsee AOL becoming the "virtual mall", or as some still call it, "walled garden", he's dead on):
(Fuck the lameness filter... first time I've hit it doing this, and I don't feel like figuring out why when I'm leaving the house in 10 minutes. You'll have to read it on Google, instead of/.)
So, unlike the vocal majority of computer geeks here, this geek actually has a clue about warfare.
It never fails to amuse me when people argue that, having been in the military, everyone who hasn't should just shut up and accept the opposing viewpoint.
This is no different than, say, "I've been going to church for 5 years, so unlike you athiests, I actually have a clue about religion. For fuck's sake, realize that god exists!" Or, perhaps, try "Unlike you Linux bigots, I have an MCSE, so I have a clue about Windows. For fuck's sake, realize Microsoft is better."
Endless fun. Because of years of indoctrination (and, having been in the military, you know the importance of indoctrination) and a vested interest in feeling good about your experience (not to mention, probably, a military scholarship or a pension or some other monetary reason for liking the armed forces), you have a monopoly on geopolitical knowledge.
I'm not even really saying I disagree with you - I do agree with some of what you're saying. I'm just pointing out that your argument for why the rest of the world should all drop the dumb peacenik hippy dippy feelings is complete and utter bullshit.
-j
Re:You are not anal enough either. (IAAL)
on
Abusing the GPL?
·
· Score: 1
Can you suggest or provide a more legally palatable alternative?
The funny part of this is that you're doing this on a site that is devoted to free software. Beer, electronics, etc. are all items that, if stolen, impact the loser in the situation. It doesn't work that way with software (or movies, for that matter) - it only impacts business models built on legalisms.
You only need to look at the site you're posting on for proof that software need not be owned, and the users of such need not be casual criminals should they fail to tithe you.
Actually, ftp is a lousy protocol for transfering files. It requires a persistent connection between transfers, uses a bunch of connections anyway, isn't designed for machine-machine interaction, and doesn't have a mechanism for content type information. HTTP is a "transfer" protocol, and there's nothing in particular that relates to hypertext in it.
Content type information would be useful, you're right. Requiring a persistent connection, that can be good or bad, depending on the nature of the file transfer. It is true that for requesting arbitrary files meant to be accessible by anyone, the protocol has inefficiencies. You didn't note the problems it causes for firewalls, but I'll throw that in anyway. FTP is still the most efficient means of transferring files.
http is exactly what it is named - Hypertext Transport Protocol. People are abusing it (for reasons of expediency) to do a lot of things it was never meant to do.
HTTP is fine for P2P applications, in general; it's not hard to have a program the both makes and accepts HTTP requests.
I would argue that http is a stupid protocol to use for P2P. The only reason it is used is because firewalls leave that port open. One might as well argue (with substantially more reason) that port 22 and the ssh protocol is fine for P2P. Honestly, were that the case, a lot of the problems inherent in deployed P2P apps would not exist.
HTTP is suitable for delayed responses, although the entity expecting an eventual response will have to be running an HTTP server. Of course, if you want to get a delayed response, you'll have to have somewhere to accept an incoming connection, whether it's a mail server, an HTTP server, or some weird new MS thing.
RPC over http is a bad hack. RPC, for all the problems it has, has been running over TCP/IP for quite some time now... the _only_ reason to encapsulate it is to circumvent firewalls. Yes, RPC has a multitude of problems, and honestly, I hate it. Encapsulating it to hide from security restrictions does not make it any more appealing. Users might not like a requirement to tunnel legitimate services through a firewall, but that is how it _should_ happen. There are a bundle of add-ons to make RPC over http appealing, like XML "standards", etc, but none of those are inherent to doing RPC over http.
HTTP is not suitable for is negotiation, since you can't easily go back and forth multiple times (later interactions are not sufficently tightly connected to not need to send all of the information again). Of course, this is essentially what people are trying to use it for.
Here, we agree. http is for random file access with built in intelligence about file types. Nothing more.
"It will not be some special exception for copyright owners," Glazier said. "It will be a general fix to bring back current law." Glazier is the RIAA's senior vice president of government relations and a former House aide.
Um, does that make sense to anyone, anywhere? Do we have a legal precedent to "return the way it is to now"?
I know intelligent people can disagree here, but please follow my chain of reasoning and then let me know exactly where you disagree.
I have the right to think. I can think about anything I want. I can write things down. I can write things down in my native tounge, in German, in perl, C or any other language I choose to learn. I have no moral obligation to teach others how to read various modes of communication. I can write down math. I can write down the results of mathematical calculations. I can show other people the product of my labors.
Does this remind anyone else of _A Fire Upon The Deep_ by Vernor Vinge? He coined a great phrase for this sort of thing as an enabling technology - "Ubiquitous Law Enforcement".
I am certainly more comfortable with being responsible for what I download than with having to have a team of lawyers to feel comfortable posting content.
I'm sorry, but I feel this is a software security issue. As always with security issues, some people want a legal palliative to make them feel better ("Take a DCMA and an Anti-Spam and call me in the morning."). Others use software that doesn't behave in undesirable ways.
I am being a bit harsh here, but think about it for just a bit. There are consumer choices to make this crap go away, as many have noted in this topic. This really does seem to be a case of "Doctor, it hurts when I click there."
That's crap. In response to a request, a server is sending a text stream to a client. If you don't like what your client does with it, use a better client. Sorry, but it is just that simple.
If your sister gets a pal to drive her to the Britney Spears' concert, and they take her to a crappy party with crude people playing music she doesn't like, that sucks for her. But it is not a crime. She showed poor judgement in making choices, perhaps her parents showed poor oversight, but it isn't a crime.
No, _you_ missed the point. Encryption is not a health hazard - little kids don't fall into my copy of PGP and die. The point is that people have the right to talk to each other without third parties listening in. Or are you suggesting that the FBI be invited to your pillow talk with whomever you're sleeping with? Because that is exactly what you are proposing.
Slashdot Mirror
Agreed, this really isn't symbolic of capitalism at all. This is Apple sending Quark a message, no more, no less. And frankly, I'm glad.
Erm, huh. I'm glad, too.
But this is, exactly, Caplitalism at work. How do you "send a message" with providers you disagree with? Hopefully, you're like the rest of us, and encourage a different provider monetarily. That seems to be what Apple is doing.
I spent a couple of work-years living in Quark, and loved 3.1 to death. Times do change. Hell, I don't do graphic design very much any more.
-j
I don't think it's out of line, or uniquely American, to fear the government entering into direct competition with known economic paradigms--and that's what we're talking about. When the US subsidizes a company, its intention is not to displace an entire sector with whatever it's ordered, ie. we take a bid for a jet, which is a standard product that can be produced by a number of US companies. The production of the jet hurts no other sector of industry.
I think you underestimate the US's will to tamper with "known economic paradigms". It you do a little looking around at what it has done in the past ten years to the aviation industry, it becomes very, very clear that there was an agenda mostly dictated by the USG that led to the huge mergers in that sector.There are differences of opinion as to why it was desirable to some in government, but nobody disputes that it happened. And yes, there were winners and losers (although who falls into which box is still being argued by some).
What I see to be the significant part of this is that the COTS (Commercial, off-the shelf) push many governments have had lately has, apparently, been sidelined as not the cheapest, best option, at least for DE.
Leveraging free code, and abiding by the legal restrictions on that code, seems to hit the sweet spot for them.
Looked at another way, Nobody present, I think, would be concerned if DE decided to contract out sewer control software and then open-source the result. On the contrary, there would be cheers. Never mind it would put a few people out of business.
Aside from magnititude, wherein lies the difference between the sewer system and groupware?
-j
I did this at my last company with Oracle+openLDAP for > 1,000,000 users. Worked great, after some tuning. Which, admittedly, took some time. If that is an issue, don't be headstrong like I was and hire someone who knows how to do it the first time through, rather than learning as you go.
Doing things now at my current job (typically for much smaller user bases), I use postgres in place of Oracle, unless the client has a preference. It just works, it is fast, it doesn't chew off a limb when it has a problem. You can do more interesting queries if you need to. It is enterprise class, Mysql is not, yet. Sorry.
I wonder at all the people who have had endless problems with Open LDAP. If you read the docs, think about what they mean for your environment, and implement correctly, it works wonderfully, from stability to performance to features. Of course, lots of people have horror stories about Postgres, too, most of them illustrations of how not to run a real database. All I can say is these tools work for me and my clients.
My new company is currently about to close, I think, a deal to do what I described above for ~4M users. I'm entirely confident it will work, based on as close to empirical testing as we can emulate. The real world is always different, but that makes it fun. YMMV.
-j
Speaking of distributions, which distribution is most popular among Linux users who migrated from BSD? Is it Slackware?
Speaking only for my self, Debian. I still run and recommend FreeBSD in server environments, but for my main machine (a Thinkpad), I finally got religion and am running Linux on it.
The Debian package manager is wonderful, and reminds me of the management BSD is famous for.
-j
-j
You fail to make sense.
How is it that wanting freedom as it was defined by the people who wrote our founding laws (as opposed to freedom(tm), a concept that continually proves itself flexible to a number of different viewpoints, so long as there are contributions behind them), an indicator for "undergraduate liberal because my daddy is republican"? Please, explain how the founding fathers were hippies that screwed everyone in sight, ate other deadhead's acid, and evaded MSG security so that they could Get Another Miracle.
-j, a cranky product of a small, liberal arts college that cost too much.to preserve
No, I'm not sure. I think (s)he was correct, even if it wasn't intended. Somehow, they'll be had...
...right here.
Sorry, you're just wrong. A one time pad is pure random data. One XORs the data with the message. It is mathematically impossible to decrypt without a copy of the data used, because every possible decryption is equally likely.
Code talkers were speaking a language. Speaking a language in no way can be compared to employing an OTP. Someone not knowing the language could have, in time, learned it through a variety of methods. They just got lucky that the Japanese didn't have time time or the will to do so.
Check out http://pubweb.nfr.net/~mjr/pubs/otpfaq/
for more information.
-j
The best way to encrypt communications would be to write a one-time pad [...] [maybe you e-mail from home it in the morning using PGP?].
That is moronic.
If you think you need the theoretically perfect security of a one time pad, why would you send it using PGP?
Of course the data security needs of wasting time gossiping with pals doesn't require OTP security. Hm, maybe bundle a couple of thoughts and send it out with PGP instead?
But then, I've never understood the allure of IM.
-j
No, both you and the respondees are wrong.
The reason that 3DES works is that DES is not a group. That's a mathematical notion. I cannot explain it here. Read up on the lit. (Schneier, Applied Crypto is a really good start.)
Basically, most dumb encryption methods are additive - you cannot expect that encrypting once, and then again with a different method means the attacker will need to reverse the process. Many times, it is simple to defeat both in the same process. CF, again, why DES is not a group.
There are many methods that are _not_ additive, and still are a group. That is, you're not saved by making sure you're not a conjuction of mathematical ejaculate.
Crypto is _hard_. Really hard. Get used to it.
-j
My personal favorite post. Aside from the fact that the first paragraph ended up being extremely incorrect, I think Chuck got a lot of things right (Nevermind that he couldn't forsee AOL becoming the "virtual mall", or as some still call it, "walled garden", he's dead on):
/.)
(Fuck the lameness filter... first time I've hit it doing this, and I don't feel like figuring out why when I'm leaving the house in 10 minutes. You'll have to read it on Google, instead of
Interesting take on things to be.
So, unlike the vocal majority of computer geeks here, this geek actually has a clue about warfare.
It never fails to amuse me when people argue that, having been in the military, everyone who hasn't should just shut up and accept the opposing viewpoint.
This is no different than, say, "I've been going to church for 5 years, so unlike you athiests, I actually have a clue about religion. For fuck's sake, realize that god exists!" Or, perhaps, try "Unlike you Linux bigots, I have an MCSE, so I have a clue about Windows. For fuck's sake, realize Microsoft is better."
Endless fun. Because of years of indoctrination (and, having been in the military, you know the importance of indoctrination) and a vested interest in feeling good about your experience (not to mention, probably, a military scholarship or a pension or some other monetary reason for liking the armed forces), you have a monopoly on geopolitical knowledge.
I'm not even really saying I disagree with you - I do agree with some of what you're saying. I'm just pointing out that your argument for why the rest of the world should all drop the dumb peacenik hippy dippy feelings is complete and utter bullshit.
-j
Can you suggest or provide a more legally palatable alternative?
The funny part of this is that you're doing this on a site that is devoted to free software. Beer, electronics, etc. are all items that, if stolen, impact the loser in the situation. It doesn't work that way with software (or movies, for that matter) - it only impacts business models built on legalisms.
You only need to look at the site you're posting on for proof that software need not be owned, and the users of such need not be casual criminals should they fail to tithe you.
Content type information would be useful, you're right. Requiring a persistent connection, that can be good or bad, depending on the nature of the file transfer. It is true that for requesting arbitrary files meant to be accessible by anyone, the protocol has inefficiencies. You didn't note the problems it causes for firewalls, but I'll throw that in anyway. FTP is still the most efficient means of transferring files.
http is exactly what it is named - Hypertext Transport Protocol. People are abusing it (for reasons of expediency) to do a lot of things it was never meant to do.
I would argue that http is a stupid protocol to use for P2P. The only reason it is used is because firewalls leave that port open. One might as well argue (with substantially more reason) that port 22 and the ssh protocol is fine for P2P. Honestly, were that the case, a lot of the problems inherent in deployed P2P apps would not exist.
RPC over http is a bad hack. RPC, for all the problems it has, has been running over TCP/IP for quite some time now... the _only_ reason to encapsulate it is to circumvent firewalls. Yes, RPC has a multitude of problems, and honestly, I hate it. Encapsulating it to hide from security restrictions does not make it any more appealing. Users might not like a requirement to tunnel legitimate services through a firewall, but that is how it _should_ happen. There are a bundle of add-ons to make RPC over http appealing, like XML "standards", etc, but none of those are inherent to doing RPC over http.
Here, we agree. http is for random file access with built in intelligence about file types. Nothing more.
-j
Say, a weird Al song and the original.
After all, "I wonder if" is a far cry from...
Read the other comments. Intercepting system calls is not hard, and others have done it.
This sort of posting betrays more of the ignorance of the poster than anything else.
"It will not be some special exception for copyright owners," Glazier said. "It will be a general fix to bring back current law." Glazier is the RIAA's senior vice president of government relations and a former House aide.
Um, does that make sense to anyone, anywhere? Do we have a legal precedent to "return the way it is to now"?
I have the right to think. I can think about anything I want. I can write things down. I can write things down in my native tounge, in German, in perl, C or any other language I choose to learn. I have no moral obligation to teach others how to read various modes of communication. I can write down math. I can write down the results of mathematical calculations. I can show other people the product of my labors.
Where exactly do you have a problem?
-j
Does this remind anyone else of _A Fire Upon The Deep_ by Vernor Vinge? He coined a great phrase for this sort of thing as an enabling technology - "Ubiquitous Law Enforcement".
I'm sorry, but I feel this is a software security issue. As always with security issues, some people want a legal palliative to make them feel better ("Take a DCMA and an Anti-Spam and call me in the morning."). Others use software that doesn't behave in undesirable ways.
I am being a bit harsh here, but think about it for just a bit. There are consumer choices to make this crap go away, as many have noted in this topic. This really does seem to be a case of "Doctor, it hurts when I click there."
-j
-j
-j
No, _you_ missed the point. Encryption is not a health hazard - little kids don't fall into my copy of PGP and die. The point is that people have the right to talk to each other without third parties listening in. Or are you suggesting that the FBI be invited to your pillow talk with whomever you're sleeping with? Because that is exactly what you are proposing.
-j