Contract law gives the agreements I make with copyright holders in their licences, INCLUDING THE GPL, other than for distribution, copying, and modification their weight. Otherwise it's unenforceable.
Not at all. There is no need for any agreement. The GPL gives you permission to distribute the software under certain conditions. If you distribute it other than under these conditions, you are distributing without permission from the copyright holder, and thus violating copyright law.
You can have a contract including the transfer of licenses, but a license itself is not a contract and should not be treated as one.
A road with effectively separate roads ("carriageways") for going in opposite directions, rather than just a white line between the lanes for going one way and the other.
Software licenses are agreements that should have the full weight of contract law. There is no other way that the licenses I prefer, like the GPL, BSD, Mozilla, MIT, etc, get any legal weight.
That's completely false. Licenses like the GPL work because it is illegal to distribute a copyrighted work without permission from the copyright holder.
I think it's just that Librarians tend to be people who read for pleasure, which is a disappointingly small proportion of people these days. I think you'd find the response of that small group is similar though.
The problem is that people conflate "good" and "legal". If you've done nothing wrong, that doesn't imply anything about whether you've done anything illegal.
I seem to recall it was going fine for you until you embargoed a particular foreign power, which then attacked you. Not that I wish the US hadn't been involved in WWII, but it would be better for the US had it not.
And this is coming from me as a libertarian who agrees we should not be so entrenched overseas... but there are places where our nose does belong. Iran is probably trying to create nuclear weapons. Their public policy is that Israel should be blown off the face of the Earth. Is it OK for us to intervene now?
If by intervene you mean invade, certainly not. There are possible grounds for sanctions in that they may be violating a treaty, but you've been pissing all over said treaty so I don't think you're in any position to talk about such. As for their policy, talk is cheap. By all means respond in kind - the US could make a public statement that it will obliterate anyone who uses nuclear weapons against Israel - but what they've said is no justification for an invasion.
But I think you're implying that it's OK for Osama bin Laden to kill 3000 innocent Americans because the US had bases in Saudi Arabia. Is that what you're saying?
Is it OK for a burglar to take stuff from someone who leaves their door open? Of course not, but it's still their own fault.
Then Saddam Hussein attacked Kuwait and we went to war to push him back, and then Osama said he was mad because Iraqi children died then and in the aftermath. Did he blame Saddam? A little, but mostly us.
That's because the sanctions were pretty much all your fault. Sure, Saddam invaded another country and he shouldn't have, but that's no justification for what happened afterwards.
I certainly hope so. Surely that's the right thing to do, if such countries exist. You don't really support free speech if you only support the freedom to criticise governments you don't like.
Why? A standalone application is so much easier to use than one embedded in a webpage - you don't have all the junk that's meaningless for its particular purpose. And a plugin for my player of choice is certainly better than having to use their player for my music - there is a huge choice of media players and it's something people have strong (and differing) feelings about. If you're worried about what the programs are doing to your box, the source for the player is certainly available (I don't know about the license, but you can certainly read through it) and most of the player plugins are open source, and if you don't like the one they offer for your player the protocol and a library to access it are open, you can just write your own.
The best part is they put the protocol and a library up, so if your favourite player isn't supported, you can just write your own plugin - that's what I did.
Sure, the left prong was useless, but the asymmetry of holding the middle and right ones actually felt a lot more comfortable than a normal controller. I was sad to see only two prongs on every controller since.
But the cost of a DVD has absolutely nothing to do with the cost of materials and distribution. All you're paying for is the "IP", and that's the same however you get it.
CDs cost more than casettes even though the production costs are less. Don't expect to pay any less than DVD prices for this type of service.
Re:Why listen to Mitnick?
on
Mitnick on OSS
·
· Score: 1
For the same reason you'd care what ${celebrity_icon_of_the_week} does their hair with. Mitnick is just a celebrity for tech people.
Re:Never understand when people say OSS is secure
on
Mitnick on OSS
·
· Score: 2, Insightful
You exposing your entire source code for public scrutiny, and this is more secure the closed proprietary software?
Yes.
How and why?
Because holes are more likely to be brought to your attention. If a good guy has access to your source, they may well look through it, and if they're doing that, they may well spot any holes, even if they weren't looking from a security standpoint, if they were just looking to improve your code. Whereas the only person who's going to bother looking for holes in a closed program is a bad guy.
I think OSS is the most insecure software out there. Think of it. Anybody could take RedHat's source code, create their own distro filled with back doors and zombie daemons, and then distribute this OS supposedly under the guise of a secure RedHat release.
It's just as easy to do this with windows, OSX or anything you like, you don't need source access to do it. People know, or should do, to get PGP sigs from the official site.
If you are not careful (and it is easy not to be careful when OSS is distributed largely with P2P software and bit torrents)
Of course, but if you're the kind of person who will do that, you probably won't be careful when you're downloading programs for other OSes. In which case you're just as owned.
Also, your security protocols and measures are all exposed to public scrutiny. Perhaps among the Open Source community that this exposure allows them to create more secure software, by collectively working to plug holes and make the code base rock solid. But this ignores the fact that people with the same skill set but with vastly different intentions can use the same source code to FIND holes and to WRITE exploits using the original source code as its base. Wouldn't it be more difficult to find a security flaw if it uses the original source code as its base.
Yes, it would be. But if it's more difficult to find a flaw, that actually makes you less secure. If anyone can find a flaw, if you're lucky it will be a friendly OSS programmer who will just fix it. If you're unlucky it will be a script kiddie who will deface your homepage - annoying and embarrassing, but not a real problem. If it takes lots of skill and effort, the only person who will bother to find it is the one who's going to use it to take your credit card database.
In the end, I think that if someone truly wanted to target OSS and make it a victim of hackers they would more easily find exponentially greater security flaws and deliver more damaging payloads simply by the fact they can use the ACTUAL code as a basis for their attacks.
You don't need the code to do the attack, once you've found the hole, exploiting it is easy enough without it.
Re:In other news...
on
Mitnick on OSS
·
· Score: 2, Funny
But when a horse comments on it it becomes insightful?
Slashdot Mirror
I don't think you could gain anything that way - if you're selling copies, you clearly do have the key.
Quite simple, change the UA for IE7, to something like Mozilla/5.0 (compatible; IE7, like Gecko)
Personally, I say open the floodgates. If it's large enough that its gravity makes it round, it's a planet. That goes for Ceres and Vesta too.
Not at all. There is no need for any agreement. The GPL gives you permission to distribute the software under certain conditions. If you distribute it other than under these conditions, you are distributing without permission from the copyright holder, and thus violating copyright law.
You can have a contract including the transfer of licenses, but a license itself is not a contract and should not be treated as one.
A road with effectively separate roads ("carriageways") for going in opposite directions, rather than just a white line between the lanes for going one way and the other.
That's completely false. Licenses like the GPL work because it is illegal to distribute a copyrighted work without permission from the copyright holder.
I think it's just that Librarians tend to be people who read for pleasure, which is a disappointingly small proportion of people these days. I think you'd find the response of that small group is similar though.
The problem is that people conflate "good" and "legal". If you've done nothing wrong, that doesn't imply anything about whether you've done anything illegal.
I seem to recall it was going fine for you until you embargoed a particular foreign power, which then attacked you. Not that I wish the US hadn't been involved in WWII, but it would be better for the US had it not.
And this is coming from me as a libertarian who agrees we should not be so entrenched overseas... but there are places where our nose does belong. Iran is probably trying to create nuclear weapons. Their public policy is that Israel should be blown off the face of the Earth. Is it OK for us to intervene now?
If by intervene you mean invade, certainly not. There are possible grounds for sanctions in that they may be violating a treaty, but you've been pissing all over said treaty so I don't think you're in any position to talk about such. As for their policy, talk is cheap. By all means respond in kind - the US could make a public statement that it will obliterate anyone who uses nuclear weapons against Israel - but what they've said is no justification for an invasion.
But I think you're implying that it's OK for Osama bin Laden to kill 3000 innocent Americans because the US had bases in Saudi Arabia. Is that what you're saying?
Is it OK for a burglar to take stuff from someone who leaves their door open? Of course not, but it's still their own fault.
Then Saddam Hussein attacked Kuwait and we went to war to push him back, and then Osama said he was mad because Iraqi children died then and in the aftermath. Did he blame Saddam? A little, but mostly us.
That's because the sanctions were pretty much all your fault. Sure, Saddam invaded another country and he shouldn't have, but that's no justification for what happened afterwards.
And you don't feel that after being part of the soviet union for ~70 years Russia might possibly have absorbed a bit of its culture?
Censoring a blog you host is not the same as censoring the entire internet (which is what google is effectively doing).
I certainly hope so. Surely that's the right thing to do, if such countries exist. You don't really support free speech if you only support the freedom to criticise governments you don't like.
Why? A standalone application is so much easier to use than one embedded in a webpage - you don't have all the junk that's meaningless for its particular purpose. And a plugin for my player of choice is certainly better than having to use their player for my music - there is a huge choice of media players and it's something people have strong (and differing) feelings about. If you're worried about what the programs are doing to your box, the source for the player is certainly available (I don't know about the license, but you can certainly read through it) and most of the player plugins are open source, and if you don't like the one they offer for your player the protocol and a library to access it are open, you can just write your own.
Just use the same username/password for both. I use the same account in amarok and noatun.
The best part is they put the protocol and a library up, so if your favourite player isn't supported, you can just write your own plugin - that's what I did.
Am I the only one wondering why this line is included?
If you're not thirsty at all, you're not going to waste time looking for a drink. The pain is made stronger so it gets noticed over the thirst.
Yeah, you're going through hyperspace - the whole point is to get there faster by covering a shorter distance at the same speed.
Sure, the left prong was useless, but the asymmetry of holding the middle and right ones actually felt a lot more comfortable than a normal controller. I was sad to see only two prongs on every controller since.
That wasn't the policy they applied to my high school.
CDs cost more than casettes even though the production costs are less. Don't expect to pay any less than DVD prices for this type of service.
For the same reason you'd care what ${celebrity_icon_of_the_week} does their hair with. Mitnick is just a celebrity for tech people.
Yes.
How and why?
Because holes are more likely to be brought to your attention. If a good guy has access to your source, they may well look through it, and if they're doing that, they may well spot any holes, even if they weren't looking from a security standpoint, if they were just looking to improve your code. Whereas the only person who's going to bother looking for holes in a closed program is a bad guy.
I think OSS is the most insecure software out there. Think of it. Anybody could take RedHat's source code, create their own distro filled with back doors and zombie daemons, and then distribute this OS supposedly under the guise of a secure RedHat release.
It's just as easy to do this with windows, OSX or anything you like, you don't need source access to do it. People know, or should do, to get PGP sigs from the official site.
If you are not careful (and it is easy not to be careful when OSS is distributed largely with P2P software and bit torrents)
Of course, but if you're the kind of person who will do that, you probably won't be careful when you're downloading programs for other OSes. In which case you're just as owned.
Also, your security protocols and measures are all exposed to public scrutiny. Perhaps among the Open Source community that this exposure allows them to create more secure software, by collectively working to plug holes and make the code base rock solid. But this ignores the fact that people with the same skill set but with vastly different intentions can use the same source code to FIND holes and to WRITE exploits using the original source code as its base. Wouldn't it be more difficult to find a security flaw if it uses the original source code as its base.
Yes, it would be. But if it's more difficult to find a flaw, that actually makes you less secure. If anyone can find a flaw, if you're lucky it will be a friendly OSS programmer who will just fix it. If you're unlucky it will be a script kiddie who will deface your homepage - annoying and embarrassing, but not a real problem. If it takes lots of skill and effort, the only person who will bother to find it is the one who's going to use it to take your credit card database.
In the end, I think that if someone truly wanted to target OSS and make it a victim of hackers they would more easily find exponentially greater security flaws and deliver more damaging payloads simply by the fact they can use the ACTUAL code as a basis for their attacks.
You don't need the code to do the attack, once you've found the hole, exploiting it is easy enough without it.
But when a horse comments on it it becomes insightful?
and tell Scott McNealy what to do with his assets. 'cos we could really do with java 1.5 being free.