The headline is incorrect. (at least premature)
on
HP Buys Compaq
·
· Score: 2
"HP buys Compaq" is premature.
HP has put a
proposal on the table to buy Compaq. To carry
it through, the US and EU antitrust authorities
must approve it. This will probably happen in
the end, but the authorities may
require some divisions to be sold off, and
may require other concessions that make the deal
less attractive. The stockholders have to
approve the final deal as well, though only
the large institutional investors have enough
stock to have a say.
Filter code needs to be written in such a way
that it can be shared by multiple projects.
Gnumeric has fairly decent Excel import capability -- why write two from scratch?
The requirement that all Qt-using programs
either be GPLed or else developed with a license
from Troll Tech, and that all KDE-using
programs be GPLed, is still an issue for Sun.
Gnome lets proprietary programs be developed,
and KDE does not.
(In that regard KDE is closer to RMS's thinking
than Gnome, despite past hostility between RMS
and the KDE team).
The religious fundamentalism came later.
The Mongols destroyed the great Islamic civilizations; Europe was saved only because
tradition required all of the clan leaders
to return to elect a new Khan, and the new
leader (Kublai, who you might remember from
the poem about Xanadu or Marco Polo's stories) wasn't as interested in world conquest
as his predecessors. The Mongols were never
defeated, they just went home.
Microsoft did not make the mess by just having a
security hole. Security holes happen. The
reason Code Red exploded, and the reason it's
taken so long for everyone to patch their systems, is because the lion's share of infections are to systems where the owner didn't even know that he or she is running IIS.
Now, even this kind of mistake happens and is made by others, which is why an unpatched Red
Hat 6.2 box will survive on the open Internet for
less than 15 minutes before being rooted. But
Microsoft made a critical error a month ago,
when Code Red I broke, by not urging all users
to check whether they intend to run IIS or not,
and if not, to turn it off.
Finally, Microsoft is to blame for releasing a
security tool at this late stage that will not
do the job. By now, the bad guys have used their
lists of IP addresses of infected systems to install back doors on tens of thousands of systems. These back doors will survive Microsoft's mop. But telling the truth -- that
the only safe thing is to reformat the system
and start all over again -- will look really
bad and cost the users a lot of time and money.
So they mumble something about checking the CERT
advisory to cover their asses legally, and then
the do this irresponsible thing.
Oh, come on. You say that it doesn't erase your
entire harddrive. Rather, it tells the entire
net "Hey everyone! I am an infected computer,
you can run any command you want on me!".
For example, my web log (and everyone else's
web log) has the hostnames or IP addresses of dozens of infected
systems. It would be a trivial matter for me
(or anyone else) to now erase the hard drives of any of these
machines, or just to browse through the entire
hard drive and take what I want and trash the
rest.
Or even better: use the back door to install a
new Trojan that will still be present even after
the owner applies Microsoft's patch.
You could get a web-based installer for free
in 1998, and before. It was called apt-get
and is a standard part of Debian. Yes, it
is web-based: you put URLs in your sources.list
file and HTTP is used to fetch the needed updates.
Don't be fooled by mentions of Internet browsers;
it's clear that these guys want their patent to
be interpreted broadly enough to cover any client
application that speaks HTTP or FTP. Once you
realize that, it's clear that apt-get does
everything described in claims 11 and 12, and
since standard Internet protocols are used,
claim 1 as well. And apt-get predates the filing
date of this patent (December 8, 1998), and other
features of the Debian package system provide all
of the capabilities described in this patent,
other than those for collecting money.
It's possible that some portion of this patent
could survive, but an easy way for competitors
to work around this patent is to base their
mechanisms for delivering virus updates on
apt technology, delivering their updates in
nice, standard.deb or.rpm packages.
Packets with spoofed addresses are easy to filter
out, if ISPs would do the right thing. Every
router has knowledge of what IP addresses exist
on each side of the router; all it has to do is
to reject packets with "impossible" addresses.
If the situation gets bad (because of XP), then
the DSL and cable modem providers can put a
filter on each customer's line, bouncing any
packet that does not give the correct address in
the case of a customer who has been assigned only
one IP address. The spoofed SYN packet game will
then be over.
This doesn't require new technology; any router
that's been sold recently already has the support
for this.
Yes, ISPs should be installing Sircam filters,
assisting users with installing such filters,
or both. It's in their own interest to do so,
to cut back on terabytes of unwanted traffic
clogging up their pipes.
It's not good enough to tell people not to open
attachments, when those attachments are clogging
up their pipe and filling up their disk, or
using up their disk quota at their ISP.
One of the biggest dissapointments I have in the US judicial system, is that it does not generally foster an attitude of compromise.
But this is completely wrong: in the vast majority
of cases where someone feels wronged and threatens
legal action, the case is settled (just as it
was in this case), which means that the two parties reached an acceptable compromise or
one side backed down (and yes, there's too much
of the latter in cases where one party has far
more resources than the other party).
Cases that actually go to court are the exception:
cases where a compromise could not be reached.
The opportunistic lawyers in the Adobe case were using a
quirk of German law that doesn't exist in the US.
Of course, the US has class action lawsuits which can sometimes be used in similar ways, but not
in cases like this.
For a GPL violation, only the copyright holder
has standing to sue.
It was the freeing of the slaves that caused
the complete destruction of the economy of
the south, since it was pretty much the only economy
that existed (almost no manufacturing, almost
no agriculture that didn't use slaves).
The south didn't really get back on its feet until after the civil rights movement, which the south
resisted tooth and nail. It was the south's own
practices that kept it backward and poor.
The intent of the LSB is to document what an
application developer can rely on. If you want
to make the LSB allow multiple versions of the
basic tools, it means that application developers
have to do something like autoconf to get their
package installed. Can't use "tar zxf foo.tgz",
since Florian doesn't want GNU tar. Can't use
anything but the most basic Posix commands,
because again Florian doesn't want to use them.
If you want to say that the LSB should only specify Posix-compatible commands, why do you need the LSB? Just use Posix.
There may be a need for another specification for
a cut-down Linux, something like the difference
between hosted and freestanding implementations
of ANSI C. But in this case, the standards folks
are standardizing based on what is in place.
Every GNU/Linux provider makes bash and GNU tar
available. People with special needs may want
to install alternatives, but in this era of
boxes with a Pentium 3, 20 Gb of disk and 128Mb
for $800 or less, it makes no sense to make the
lives of application developers harder to satisfy
a few dissidents who want to save a few kilobytes.
Also, remember that the LSB is only a minimum
standard. Developers who want to be more robust,
and portable to BSD and Unix as well as Linux,
will continue to be more rigorous in assuming
only Posix features.
Back in the 80s, Usenet was the net for those of us who couldn't get on the Internet, because we didn't have the connections into DARPA (by virtue of being a defense contractor or big research university) to get on it. The only connectivity we had was 1200 baud modems (in some cases, 300
baud). The way you got on was that you had a
Unix system and a modem, and a contact with someone that was willing to give you a news feed
(possibly in exchange for lightening the load
by feeding a couple of other folks).
Actually, you didn't even need Unix. I was at
a small company that did a lot of digital signal processing, and it was a VMS shop, so we ran
Usenet on top of Eunice (a Unix-on-top-of-VMS
emulation that sort of worked, but had only
symbolic links, no hard links). I was the guy who did
the Eunice port for 2.11B news: my first involvement in what would now be called a major
open source project.
Back in those days, to send mail you had to have a picture of the UUCP network topology in your
head: a series of paths that would get you from here to there. There were a couple of short cuts: sites that would move messages across the
country (ihnp4) or internationally (seismo,
which later became uunet, the first commercial
provider of news feeds).
Because of the way Usenet worked, in the days
where it went over UUCP (before NNTP), it was
based on personal connections and a web of trust.
Things were pretty loose, but if someone ignored
community norms and behaved in a way that would
clearly damage the fabric of the net, they just
lost their news feed and that was that. It
was cheap Internet connections and NNTP that
made Canter and Siegel (the first big Usenet
spammers) possible. But this reliance on personal connections had its downside: some
admins enjoyed being petty dictators too much.
The UUCP connection between AMD and National
Semi (yes, competitors fed each other news
on a completely informal basis,
it was a different era) was temporarily dropped because
of a personal squabble between the sysadmins.
There were many other nets then that weren't the
Internet: Bitnet, berknet (at Berkeley) and the
like. Figuring out how to get mail around
required wizardry: mixes of bang paths
(...!oliveb!epimass!jbuck), percent signs,
and at-signs (user%janus@ucbvax.ARPA).
The user interfaces on sites like Slashdot are
still vastly inferior to newsreader interfaces,
like trn and friends. I could quickly blast
through hundreds of messages, killing threads I wasn't interested in, skimming to get to the meat.
If only sites like Slashdot would pay more attention to what worked so well about Usenet.
It is ignorant to argue that you should normalize for clock speed. The Pentium 4's deep pipelines
are present precisely so that the chip can be run
at a faster clock speed than otherwise.
With the exact same technology, same fabs, you
can't make the Athlon run at the same clock
speed as the Pentium 4.
Cool... if you ask for pictures of Bill Gates,
the top two lines have several versions of the
mug shot from when he was busted in New Mexico
in his early 20s.
First off, the contracts from the about '94 on (or even earlier)
included Internet rights. But many organizations with big databases of older articles charge for access, so it's worth money for them to have these articles. Meanwhile, freelance writers always could use more money.
So what will happen now is that the major database holders will negotiate a settlement with the free lancers, and they have an incentive to do so. If you don't make a deal and your competitors do, researchers who pay several dollars per article to track down old stuff will go to your competitors.
I don't understand why people claim "the way Scott writes is like he's inventing the idea"
of micropayments.
Also, usable micropayments are not already in place. The few systems that exist (PayPal
and the like) are not workable; they siphon off
too much money; they sit on top of the credit
card system. They can't be used to make payments
of a few cents, because they aren't anywhere near efficient enough.
Your problem #1 can't be gotten rid of without
changing the Constitution. There are free speech
rights. Lawmakers have the power to forbid
fraud; they don't have the power to forbid someone
from speaking, or writing, or e-mailing for the
purpose of communicating some idea.
Your problem #2 is bogus -- the defendant made
the claim that the email addresses were
valid until cancelled, but he also used fake
addresses and he definitely used fake subject lines.
Also, the reason the person's account went away
was because he violated the contract with his
ISP. The ISP forbade spam, and he spammed.
When he lost the first address he'd get another,
knowing full well he'd lose the second and third
accounts.
Fraud again.
Wrong. If you send a business offer through
the mail to someone in another state, you
can damn well be held accountable by that state
or sued in that state.
There are better GIMP books
on
GIMP And OS X
·
· Score: 2
"The Artist's Guide to the GIMP" is not very good.
Get "Grokking the GIMP" by Carey Banks instead.
I own both books. The former (misnamed) book
will step through the menus one at a time and
tell you what they do, without really telling
you why. "Grokking the GIMP" will teach you
how to use the tool effectively.
Slashdot Mirror
"HP buys Compaq" is premature.
HP has put a proposal on the table to buy Compaq. To carry it through, the US and EU antitrust authorities must approve it. This will probably happen in the end, but the authorities may require some divisions to be sold off, and may require other concessions that make the deal less attractive. The stockholders have to approve the final deal as well, though only the large institutional investors have enough stock to have a say.
I run Ximian Gnome on my Debian 2.2 system
(it's potato + Ximian Gnome 1.4 + KDE 2.1.x).
Works fine.
Filter code needs to be written in such a way that it can be shared by multiple projects. Gnumeric has fairly decent Excel import capability -- why write two from scratch?
The requirement that all Qt-using programs either be GPLed or else developed with a license from Troll Tech, and that all KDE-using programs be GPLed, is still an issue for Sun. Gnome lets proprietary programs be developed, and KDE does not.
(In that regard KDE is closer to RMS's thinking than Gnome, despite past hostility between RMS and the KDE team).
The religious fundamentalism came later. The Mongols destroyed the great Islamic civilizations; Europe was saved only because tradition required all of the clan leaders to return to elect a new Khan, and the new leader (Kublai, who you might remember from the poem about Xanadu or Marco Polo's stories) wasn't as interested in world conquest as his predecessors. The Mongols were never defeated, they just went home.
Microsoft did not make the mess by just having a security hole. Security holes happen. The reason Code Red exploded, and the reason it's taken so long for everyone to patch their systems, is because the lion's share of infections are to systems where the owner didn't even know that he or she is running IIS.
Now, even this kind of mistake happens and is made by others, which is why an unpatched Red Hat 6.2 box will survive on the open Internet for less than 15 minutes before being rooted. But Microsoft made a critical error a month ago, when Code Red I broke, by not urging all users to check whether they intend to run IIS or not, and if not, to turn it off.
Finally, Microsoft is to blame for releasing a security tool at this late stage that will not do the job. By now, the bad guys have used their lists of IP addresses of infected systems to install back doors on tens of thousands of systems. These back doors will survive Microsoft's mop. But telling the truth -- that the only safe thing is to reformat the system and start all over again -- will look really bad and cost the users a lot of time and money. So they mumble something about checking the CERT advisory to cover their asses legally, and then the do this irresponsible thing.
Oh, come on. You say that it doesn't erase your entire harddrive. Rather, it tells the entire net "Hey everyone! I am an infected computer, you can run any command you want on me!".
For example, my web log (and everyone else's web log) has the hostnames or IP addresses of dozens of infected systems. It would be a trivial matter for me (or anyone else) to now erase the hard drives of any of these machines, or just to browse through the entire hard drive and take what I want and trash the rest.
Or even better: use the back door to install a new Trojan that will still be present even after the owner applies Microsoft's patch.
You could get a web-based installer for free in 1998, and before. It was called apt-get and is a standard part of Debian. Yes, it is web-based: you put URLs in your sources.list file and HTTP is used to fetch the needed updates.
Don't be fooled by mentions of Internet browsers; it's clear that these guys want their patent to be interpreted broadly enough to cover any client application that speaks HTTP or FTP. Once you realize that, it's clear that apt-get does everything described in claims 11 and 12, and since standard Internet protocols are used, claim 1 as well. And apt-get predates the filing date of this patent (December 8, 1998), and other features of the Debian package system provide all of the capabilities described in this patent, other than those for collecting money.
It's possible that some portion of this patent could survive, but an easy way for competitors to work around this patent is to base their mechanisms for delivering virus updates on apt technology, delivering their updates in nice, standard .deb or .rpm packages.
Packets with spoofed addresses are easy to filter out, if ISPs would do the right thing. Every router has knowledge of what IP addresses exist on each side of the router; all it has to do is to reject packets with "impossible" addresses.
If the situation gets bad (because of XP), then the DSL and cable modem providers can put a filter on each customer's line, bouncing any packet that does not give the correct address in the case of a customer who has been assigned only one IP address. The spoofed SYN packet game will then be over.
This doesn't require new technology; any router that's been sold recently already has the support for this.
Yes, ISPs should be installing Sircam filters, assisting users with installing such filters, or both. It's in their own interest to do so, to cut back on terabytes of unwanted traffic clogging up their pipes.
It's not good enough to tell people not to open attachments, when those attachments are clogging up their pipe and filling up their disk, or using up their disk quota at their ISP.
Richard Stallman wrote the GPL, with assistance from attorneys, including, I believe, Eben Moglen.
But this is completely wrong: in the vast majority of cases where someone feels wronged and threatens legal action, the case is settled (just as it was in this case), which means that the two parties reached an acceptable compromise or one side backed down (and yes, there's too much of the latter in cases where one party has far more resources than the other party).
Cases that actually go to court are the exception: cases where a compromise could not be reached.
The opportunistic lawyers in the Adobe case were using a quirk of German law that doesn't exist in the US. Of course, the US has class action lawsuits which can sometimes be used in similar ways, but not in cases like this.
For a GPL violation, only the copyright holder has standing to sue.
It was the freeing of the slaves that caused the complete destruction of the economy of the south, since it was pretty much the only economy that existed (almost no manufacturing, almost no agriculture that didn't use slaves).
The south didn't really get back on its feet until after the civil rights movement, which the south resisted tooth and nail. It was the south's own practices that kept it backward and poor.
The intent of the LSB is to document what an application developer can rely on. If you want to make the LSB allow multiple versions of the basic tools, it means that application developers have to do something like autoconf to get their package installed. Can't use "tar zxf foo.tgz", since Florian doesn't want GNU tar. Can't use anything but the most basic Posix commands, because again Florian doesn't want to use them.
If you want to say that the LSB should only specify Posix-compatible commands, why do you need the LSB? Just use Posix.
There may be a need for another specification for a cut-down Linux, something like the difference between hosted and freestanding implementations of ANSI C. But in this case, the standards folks are standardizing based on what is in place. Every GNU/Linux provider makes bash and GNU tar available. People with special needs may want to install alternatives, but in this era of boxes with a Pentium 3, 20 Gb of disk and 128Mb for $800 or less, it makes no sense to make the lives of application developers harder to satisfy a few dissidents who want to save a few kilobytes.
Also, remember that the LSB is only a minimum standard. Developers who want to be more robust, and portable to BSD and Unix as well as Linux, will continue to be more rigorous in assuming only Posix features.
Back in the 80s, Usenet was the net for those of us who couldn't get on the Internet, because we didn't have the connections into DARPA (by virtue of being a defense contractor or big research university) to get on it. The only connectivity we had was 1200 baud modems (in some cases, 300 baud). The way you got on was that you had a Unix system and a modem, and a contact with someone that was willing to give you a news feed (possibly in exchange for lightening the load by feeding a couple of other folks).
Actually, you didn't even need Unix. I was at a small company that did a lot of digital signal processing, and it was a VMS shop, so we ran Usenet on top of Eunice (a Unix-on-top-of-VMS emulation that sort of worked, but had only symbolic links, no hard links). I was the guy who did the Eunice port for 2.11B news: my first involvement in what would now be called a major open source project.
Back in those days, to send mail you had to have a picture of the UUCP network topology in your head: a series of paths that would get you from here to there. There were a couple of short cuts: sites that would move messages across the country (ihnp4) or internationally (seismo, which later became uunet, the first commercial provider of news feeds).
Because of the way Usenet worked, in the days where it went over UUCP (before NNTP), it was based on personal connections and a web of trust. Things were pretty loose, but if someone ignored community norms and behaved in a way that would clearly damage the fabric of the net, they just lost their news feed and that was that. It was cheap Internet connections and NNTP that made Canter and Siegel (the first big Usenet spammers) possible. But this reliance on personal connections had its downside: some admins enjoyed being petty dictators too much. The UUCP connection between AMD and National Semi (yes, competitors fed each other news on a completely informal basis, it was a different era) was temporarily dropped because of a personal squabble between the sysadmins.
There were many other nets then that weren't the Internet: Bitnet, berknet (at Berkeley) and the like. Figuring out how to get mail around required wizardry: mixes of bang paths (...!oliveb!epimass!jbuck), percent signs, and at-signs (user%janus@ucbvax.ARPA).
The user interfaces on sites like Slashdot are still vastly inferior to newsreader interfaces, like trn and friends. I could quickly blast through hundreds of messages, killing threads I wasn't interested in, skimming to get to the meat. If only sites like Slashdot would pay more attention to what worked so well about Usenet.
It is ignorant to argue that you should normalize for clock speed. The Pentium 4's deep pipelines are present precisely so that the chip can be run at a faster clock speed than otherwise.
With the exact same technology, same fabs, you can't make the Athlon run at the same clock speed as the Pentium 4.
Cool ... if you ask for pictures of Bill Gates,
the top two lines have several versions of the
mug shot from when he was busted in New Mexico
in his early 20s.
No, there's not going to be a memory hole.
First off, the contracts from the about '94 on (or even earlier) included Internet rights. But many organizations with big databases of older articles charge for access, so it's worth money for them to have these articles. Meanwhile, freelance writers always could use more money.
So what will happen now is that the major database holders will negotiate a settlement with the free lancers, and they have an incentive to do so. If you don't make a deal and your competitors do, researchers who pay several dollars per article to track down old stuff will go to your competitors.
I don't understand why people claim "the way Scott writes is like he's inventing the idea" of micropayments.
Also, usable micropayments are not already in place. The few systems that exist (PayPal and the like) are not workable; they siphon off too much money; they sit on top of the credit card system. They can't be used to make payments of a few cents, because they aren't anywhere near efficient enough.
No, not unless the Feds passed a similar law. Also, the Feds could pass a conflicting law and the Federal law would take precedence.
Your problem #1 can't be gotten rid of without changing the Constitution. There are free speech rights. Lawmakers have the power to forbid fraud; they don't have the power to forbid someone from speaking, or writing, or e-mailing for the purpose of communicating some idea.
Your problem #2 is bogus -- the defendant made the claim that the email addresses were valid until cancelled, but he also used fake addresses and he definitely used fake subject lines.
Also, the reason the person's account went away was because he violated the contract with his ISP. The ISP forbade spam, and he spammed. When he lost the first address he'd get another, knowing full well he'd lose the second and third accounts. Fraud again.
Wrong. If you send a business offer through the mail to someone in another state, you can damn well be held accountable by that state or sued in that state.
"The Artist's Guide to the GIMP" is not very good. Get "Grokking the GIMP" by Carey Banks instead. I own both books. The former (misnamed) book will step through the menus one at a time and tell you what they do, without really telling you why. "Grokking the GIMP" will teach you how to use the tool effectively.