"Just as in the UK, the Government will probably be paying for it."
Maybe they should ask the UK government to pay for it -- they could spend as much money as they liked, and it would still work out as £30 after KPMG have finished with the accounting.
"open/save window if autocomplete kicks in, BLOODY AWKWARD."
Ever tried telling their Linux GUI where a program is? You try to type/usr/bin/xpdf or something, and as soon as you've done the/usr/bin part your computer locks up while it lists every single program in that directory, and puts them all into its little dropdown list (which I'm sure isn't just a list of strings, it probably contains frame widgets containing labels, all allocated dynamically with a load of metadata)
I can't remember if that was KDE or GNOME which did that, but I certainly haven't attempted the "Open with" command again. (Windows of course, takes just as long to populate its list of approved programs when you try to use "open with")
"I remember seeing a poster in college stating that about 1% of the world's population has a four year degree."
Maybe so, but that doesn't necessarily mean that computer users want a file-select box that assumes you don't know where the file is and actively hinders you from trying to tell it.
Nor does someone's lack of a degree mean that they're likely to forget where a file is if the computer doesn't put each directory in a different place on the screen.
GNOME is getting too like Mac OS X, which is so streamlined and elegant that it's impossible to find any functionality.
If you could just get the 667000 wikipedia editors to obtain a PGP key each, that would be a noteworthy achievement in itself -- organizing a system where they sign each phrase they write would be a masterpiece of administration that I'd be interested to see anyone implement...
I thought the reason they launched Galileo (the satellite system, not his body) was that GPS wasn't reliable or accurate enough to use for autopilots (even on aircraft, where 10m hardly matters, let alone cars)
"Detailed electronic maps of cities already exist"
Well, if you pay enough money, you can get a reasonably complete list of road centrelines that won't be more than a few meters away from the road's actual location. But that doesn't tell you where the edge of the road is, and it won't be up-to-date, and it won't include temporary changes or roadworks, and it might contain deliberate errors to catch people trying to copy the map.
And best of all, GPS is degraded in cities anyway. Some of the people mapping London have found that they can get reasonably accurate measurements between 4am and 6am when there just happen to be enough satellites overhead that they're all line-of-sight when you're standing between 2 skyscrapers.
"Then we should make all cars single passenger vehicles, because I for one am more distracted by passengers talking in the car than by a conversation on a cell phone."
Personally, I find it quite useful to have passengers in the car, as they can do all the map-reading, looking at roadsigns, changing CDs, operating the telephone, and looking around at all the blind spots (especially at junctions where you need to look in 5 directions at once)
It's stressful enough just trying to drive, navigate, and keep track of speed limits -- I couldn't imagine trying to place a phone call at the same time without ending up in a ditch.
"About a year ago, I posted a discussion to some part of Wikipedia advocating digitally signing articles with GPG keys."
So as soon as someone corrects a spelling-mistake, the whole section is marked as untrustworthy?
Why not adapt one of the "blame algorithms" built into CVS systems, which shows the article and labels each bit of text with the last person to change it? That would seem to fit in better with the existing database.
"I wonder what it would cost to put together an open-source consortium to design the thing from the ground up."
It would take open-sourcing all the potential political scandals ("hidden requirements") that are currently just deals between friends, and making them into visible requirements for the software.
It might also involve setting up an open-source bureaucracy that's rigid enough to do all the certifications (i.e. no more extreme programming, hacking or whatever, but the 2 lines of code per day that you get when audits are involved)
Actually, I think Jimbo's idea is starting to make sense, but it seems to be about watchlists -- something created by an anonymous user won't be on anyone's watchlist by default, so who will see if it gets changed? RC patrol can't pick-up everything.
Otika's comments are rather different, although still interesting. If a wiki article was created and edited by anonymous users, shouldn't the level of trustworthiness be more visible in each article. I'm not sure how relevant references are, because such a small percentage of editors/readers follow the links. It will be interesting to see what additions are made to wikipedia to follow these thoughts, although I don't think it undermines the wikipedia concept itself.
The other one is "If people need privacy then it's likely to be original research", which is also interesting. But isn't original research removed from wikipedia anyway, regardless of source? (i.e. recognise content by the content, not by its author) Also, some people might have insight because of where they are which they don't want to reveal for personal or job security reasons, but which still gives context to publically-available facts.
But then, knowing whether someone has an account tells you nothing about their anonymity status (e.g. the proxies they use, the pseudonyms they use), which is why I thought wikipedia's new policy is a technical/watchlist thing, rather than a philosophical one.
In the interest of accountability, shouldn't it have been this way in the first place?
When you edit the page anonymously, you gain copyright on that edit for the default length of time (i.e. not life + x years because you haven't revealed who you are), and when you submit it to wikipedia, you assert that it's your work and that you've released it under the LGPL. If it turns out that an anonymous editor infringed some copyright in an edit, then the offending contributions would have to be removed, and that process isn't intrinsically more difficult than if you knew who contributed them. I'd be interested to hear why you think anonymous edits would be a problem to wikipedia's accountability? Is it just the US attitude of "we want to be able to sue someone"?
AC on wikipedia like on many other webpage is most to encourage activity altough user laziness.
At last count, I had 155 user-accounts on various websites. Each of those requires remembering my username and password. In a vast majority of cases, creating a new account on one website means giving them the ability to compromise many of my other accounts through password-reuse, or to compromise pseudonymity through usage patterns. With multiple computers and frequent reformats, trusting the computer to generate unique passwords isn't an option. And then there are the unanticipated leaks of personal information, such as finding out that a gmail cookie can be identified with a google search, or that advertisement banners are sharing login details between multiple domains.
And I'm unusually careful by comparison. Most people I know have trouble remembering even 2 or 3 passwords, and don't even consider choosing a new one for sensitive credentials.
Given that, why is it reasonable that someone must create an account just to contribute to an internet encyclopedia, or to comment on a blog such as slashdot, to view a newspaper article, or even just to do a search within scanned books? An "anonymous" wikipedia editor doesn't mean they're lazy, or vandals - it might just mean they're tired of all the registering bullshit which seems so prevalent on the internet nowadays.
And yes, I have accounts at wikipedia and slashdot, and I frequently use both websites anonymously. Without that facility, there are many things which could never be said. Is it worth silencing those things in persuit of a better barrier to entry?
all this critique from bloggers is more than a little hypocritical
It may surprise you to learn that there is more than one blogger in the world, and they have different opinions. For example, one blogger might be copying work from a newspaper, and another might not. The one who doesn't is entitled to complain when his work gets copied. It's not hypocracy if two people have different opinions.
The future will bring us more: - more PDFs on web pages - more Flash on webpages
Nooo! the future intarweb will be all inaccesible to me, it will all show up as "would you like to open this document in XPDF", and "additional plugins are required to view this page".
Actually, I feel quite sorry for the people who based their careers on Flash (or LiveMotion, or any other proprietary technology in fact), when one company can just say "sorry, your life is obsolete" when they discontinue the product.
Admittedly it hasn't happened for Flash yet. But I'd rather be teaching it than learning it, at the current moment...
"So cut the crud. this is about whether or not people have the right to rip and secondly if they have the right to re-distribute."
Where did you get that from? I agree that the right to play DVDs on linux is a distraction, designed to make it easier to explain the argument to slow friends, politicians, and the general public.
But the actual issue it's concealing is the ability to play standard media formats [DVDs] on Free Software.
That's why a "WinWord-viewer"-style DVD player for linux wouldn't be accepted -- nothing to do with everyone being thieves or whatever you were trying to imply, but simply that Free Software is trustworthy and the DVD industry isn't.
In fact, mass media in general is just a side-issue - the important thing is that the owner of a computer should be able to control what it does. That's why people are so outraged at DVD drives that prevent fast-forwarding, or play unskippable adverts, or only allow you to change regions 5 times, or dial-up to the internet to download a license (and a list of new restrictions that your computer will impose on you)
Sorry to quote RMS again, but "trecharous computing" really is the phrase for this stuff.
And too many people are fooled by the "if you don't run Windows Media Player with DRM then you must be a copyright-infringer" argument that's so easy to trot-out when someone demands that they be in control of their own computers.
There must be a master key somewhere, so the database itself can see all the unencrypted data. If not, then indexes are meaningless as the fields to be indexed would be gibberish and not subject to any form of ordering.
That's rather defeatist.
Who needs to order the table? Give them a token which allows them to maintain an index of the obscured IDs.
Who needs to handle references and JOINs? Let them use the hashed version of the ID.
Who needs to do statistics on the data (e.g. totals from a sales column)? Give then a column of numbers which can be mathematically translated into the total without revealing individual amounts.
Who needs to do a search? Give them the tokens that allow them to construct the correct query on obscured data.
Who needs to decrypt a record? Put it's key somewhere constructed so only they can determine it.
Who needs to decrypt the entire database? Actually no-one.
Most people already understand this well enough -- think of password files for example, where it's common practise to use hashes and salts, to remove sensitive data from view to a different location, etc.
Thing is, people don't do that most of the time because it's time-consuming and complex and requires lots of thought, not because it's impossible.
Good comments are written first, before the code, describing what the following code does.
That's because the design tools are crap, and you're left to use comments as a replacement for them.
I know what you mean, and I use comments that way all the time. But only because my company doesn't own a single decent UML, flowcharting, or outlining tool.
I have certain programs on my computer that can get past my firewall for various reasons. I often wonder about some of the biggest heists in the world, they're usually done by someone on the inside. If your network is locked down and something from the inside punches a hole in it how do you control any of that?
I'll put specific names where you've only talked generally. At work, I have a brand new Windows XP Pro machine. It had a built-in firewall which is designed to prevent internet access (in or out) without specific permission from me, the user and Administrator of that computer.
Some time later, I notice that InstallShield has successfully contacted the internet to update its list of programs. I checked the firewall again, and it was still set to "no internet access without user permission", and the exceptions were all turned off.
More recently, I was using Windows update, and noticed that it never popped up a window to ask whether I should allow this new program to access the internet. Come to think of it, Internet Explorer itself should never have had permission to connect according to the firewall settings as displayed. And I bet that if I tried, Windows Media Player would be able to download content from the internet regardless of firewall settings.
Insider job indeed! Sure, I could install a firewall from a company that I trust, and the problems would likely go away. But it rather reinforces the point about attacks being insider jobs (in this case, from programs)
The obvious (but perhaps offtopic) thing missing from that list is what some people call "Translucent databases", i.e. a database which is secure against someone with root access to it.
In the simplest case, that means not storing information that isn't required; what the database doesn't know it can't reveal. e.g. why did the SpreadFirefox.com crack reveal phone numbers? Why are universities' computers haemmoraging SSN's and dates of birth? Just don't store them unless they're specifically required.
For other things, you might need a unique identifier rather than a name, SSN, etc., so create one instead of using the actual data. e.g. giving the webstats department a database with a random identifier instead of username in the tables.
If you design your application with these principles in from the start (and I've taken this example from Peter Wayner's book), you can do things like hashing the ID fields with a salt, so that you can reference them, and search on them, but unless you know the salt, you can't look-up an individual item and know what it means.
Then there's data which will only ever be accessed or changed by the user themselves, so why not encrypt it with their password (which isn't stored in the database either) -- it might be inconvenient not being able to "just go in and fix stuff" if the user forgets their password, but sometimes it's worth it for when the database gets cracked and you can say for sure that no information was revealed.
Fake rows of information marked with tokens that require special knowledge to spot. Databases split between buildings. Values stored that require a certain number of users' collaboration to decode. Quantising data (e.g. access times in logs) so that you know approximately what happened when, but the bad guys can't search for a particular transaction by its timestamp -- There's plenty of security you can add to a database, even after you've installed the firewall and set a root password...
"It is certainly not popular to point out, but war is generally what advances civilization in terms of discovery, invention, etc."
That's why some of the African countries in the middle of civil war, are amongst the poorest people on earth, begging on our TV screens for food and medicine?
Just because a country is at war, doesn't mean their defence contractors have billions of dollars of surplus money to spend like some more local countries at war.
People do bad things using Linux on a daily basis including cracking, handling violent or child pornography
This is a taboo now, just liek child porn was? The UK law isn't even passed yet, and it's already forbidden to show cartoon characters hitting one another.
You are entitled to the source code to the missiles that just landed on your head under the terms of the GPL?
Uh, copyright law in general doesn't apply to people creating things for the government|military (any government|military) -- even GPL.
Plenty of people have been screwed by believing that the US government adhered to the Berne convention -- surely your GPL claim is even less significant than all those other *US, commercial* inventors that the federal government has ripped-off so recently?
Slashdot Mirror
"Just as in the UK, the Government will probably be paying for it."
Maybe they should ask the UK government to pay for it -- they could spend as much money as they liked, and it would still work out as £30 after KPMG have finished with the accounting.
"open/save window if autocomplete kicks in, BLOODY AWKWARD."
/usr/bin/xpdf or something, and as soon as you've done the /usr/bin part your computer locks up while it lists every single program in that directory, and puts them all into its little dropdown list (which I'm sure isn't just a list of strings, it probably contains frame widgets containing labels, all allocated dynamically with a load of metadata)
Ever tried telling their Linux GUI where a program is? You try to type
I can't remember if that was KDE or GNOME which did that, but I certainly haven't attempted the "Open with" command again. (Windows of course, takes just as long to populate its list of approved programs when you try to use "open with")
"I remember seeing a poster in college stating that about 1% of the world's population has a four year degree."
Maybe so, but that doesn't necessarily mean that computer users want a file-select box that assumes you don't know where the file is and actively hinders you from trying to tell it.
Nor does someone's lack of a degree mean that they're likely to forget where a file is if the computer doesn't put each directory in a different place on the screen.
GNOME is getting too like Mac OS X, which is so streamlined and elegant that it's impossible to find any functionality.
If you could just get the 667000 wikipedia editors to obtain a PGP key each, that would be a noteworthy achievement in itself -- organizing a system where they sign each phrase they write would be a masterpiece of administration that I'd be interested to see anyone implement...
"GPS technology can offer centimeter accuracy"
I thought the reason they launched Galileo (the satellite system, not his body) was that GPS wasn't reliable or accurate enough to use for autopilots (even on aircraft, where 10m hardly matters, let alone cars)
"Detailed electronic maps of cities already exist"
Well, if you pay enough money, you can get a reasonably complete list of road centrelines that won't be more than a few meters away from the road's actual location. But that doesn't tell you where the edge of the road is, and it won't be up-to-date, and it won't include temporary changes or roadworks, and it might contain deliberate errors to catch people trying to copy the map.
And best of all, GPS is degraded in cities anyway. Some of the people mapping London have found that they can get reasonably accurate measurements between 4am and 6am when there just happen to be enough satellites overhead that they're all line-of-sight when you're standing between 2 skyscrapers.
"Then we should make all cars single passenger vehicles, because I for one am more distracted by passengers talking in the car than by a conversation on a cell phone."
Personally, I find it quite useful to have passengers in the car, as they can do all the map-reading, looking at roadsigns, changing CDs, operating the telephone, and looking around at all the blind spots (especially at junctions where you need to look in 5 directions at once)
It's stressful enough just trying to drive, navigate, and keep track of speed limits -- I couldn't imagine trying to place a phone call at the same time without ending up in a ditch.
"About a year ago, I posted a discussion to some part of Wikipedia advocating digitally signing articles with GPG keys."
So as soon as someone corrects a spelling-mistake, the whole section is marked as untrustworthy?
Why not adapt one of the "blame algorithms" built into CVS systems, which shows the article and labels each bit of text with the last person to change it? That would seem to fit in better with the existing database.
"I wonder what it would cost to put together an open-source consortium to design the thing from the ground up."
It would take open-sourcing all the potential political scandals ("hidden requirements") that are currently just deals between friends, and making them into visible requirements for the software.
It might also involve setting up an open-source bureaucracy that's rigid enough to do all the certifications (i.e. no more extreme programming, hacking or whatever, but the 2 lines of code per day that you get when audits are involved)
"The problem is not seriously shortening the life span of the hard drive by opening it up in an unclean environment."
That doesn't even begin to describe my house...
Actually, I think Jimbo's idea is starting to make sense, but it seems to be about watchlists -- something created by an anonymous user won't be on anyone's watchlist by default, so who will see if it gets changed? RC patrol can't pick-up everything.
Otika's comments are rather different, although still interesting. If a wiki article was created and edited by anonymous users, shouldn't the level of trustworthiness be more visible in each article. I'm not sure how relevant references are, because such a small percentage of editors/readers follow the links. It will be interesting to see what additions are made to wikipedia to follow these thoughts, although I don't think it undermines the wikipedia concept itself.
The other one is "If people need privacy then it's likely to be original research", which is also interesting. But isn't original research removed from wikipedia anyway, regardless of source? (i.e. recognise content by the content, not by its author) Also, some people might have insight because of where they are which they don't want to reveal for personal or job security reasons, but which still gives context to publically-available facts.
But then, knowing whether someone has an account tells you nothing about their anonymity status (e.g. the proxies they use, the pseudonyms they use), which is why I thought wikipedia's new policy is a technical/watchlist thing, rather than a philosophical one.
In the interest of accountability, shouldn't it have been this way in the first place?
When you edit the page anonymously, you gain copyright on that edit for the default length of time (i.e. not life + x years because you haven't revealed who you are), and when you submit it to wikipedia, you assert that it's your work and that you've released it under the LGPL. If it turns out that an anonymous editor infringed some copyright in an edit, then the offending contributions would have to be removed, and that process isn't intrinsically more difficult than if you knew who contributed them. I'd be interested to hear why you think anonymous edits would be a problem to wikipedia's accountability? Is it just the US attitude of "we want to be able to sue someone"?
AC on wikipedia like on many other webpage is most to encourage activity altough user laziness.
At last count, I had 155 user-accounts on various websites. Each of those requires remembering my username and password. In a vast majority of cases, creating a new account on one website means giving them the ability to compromise many of my other accounts through password-reuse, or to compromise pseudonymity through usage patterns. With multiple computers and frequent reformats, trusting the computer to generate unique passwords isn't an option. And then there are the unanticipated leaks of personal information, such as finding out that a gmail cookie can be identified with a google search, or that advertisement banners are sharing login details between multiple domains.
And I'm unusually careful by comparison. Most people I know have trouble remembering even 2 or 3 passwords, and don't even consider choosing a new one for sensitive credentials.
Given that, why is it reasonable that someone must create an account just to contribute to an internet encyclopedia, or to comment on a blog such as slashdot, to view a newspaper article, or even just to do a search within scanned books? An "anonymous" wikipedia editor doesn't mean they're lazy, or vandals - it might just mean they're tired of all the registering bullshit which seems so prevalent on the internet nowadays.
And yes, I have accounts at wikipedia and slashdot, and I frequently use both websites anonymously. Without that facility, there are many things which could never be said. Is it worth silencing those things in persuit of a better barrier to entry?
all this critique from bloggers is more than a little hypocritical
It may surprise you to learn that there is more than one blogger in the world, and they have different opinions. For example, one blogger might be copying work from a newspaper, and another might not. The one who doesn't is entitled to complain when his work gets copied. It's not hypocracy if two people have different opinions.
Problem: all the journalists are still drunk after the christmas party, and an edition needs to be written.
Solution: a list of 15 wealthy fictional characters with hilarious biographies
The future will bring us more: - more PDFs on web pages - more Flash on webpages
Nooo! the future intarweb will be all inaccesible to me, it will all show up as "would you like to open this document in XPDF", and "additional plugins are required to view this page".
Actually, I feel quite sorry for the people who based their careers on Flash (or LiveMotion, or any other proprietary technology in fact), when one company can just say "sorry, your life is obsolete" when they discontinue the product.
Admittedly it hasn't happened for Flash yet. But I'd rather be teaching it than learning it, at the current moment...
"So cut the crud. this is about whether or not people have the right to rip and secondly if they have the right to re-distribute."
Where did you get that from? I agree that the right to play DVDs on linux is a distraction, designed to make it easier to explain the argument to slow friends, politicians, and the general public.
But the actual issue it's concealing is the ability to play standard media formats [DVDs] on Free Software.
That's why a "WinWord-viewer"-style DVD player for linux wouldn't be accepted -- nothing to do with everyone being thieves or whatever you were trying to imply, but simply that Free Software is trustworthy and the DVD industry isn't.
In fact, mass media in general is just a side-issue - the important thing is that the owner of a computer should be able to control what it does. That's why people are so outraged at DVD drives that prevent fast-forwarding, or play unskippable adverts, or only allow you to change regions 5 times, or dial-up to the internet to download a license (and a list of new restrictions that your computer will impose on you)
Sorry to quote RMS again, but "trecharous computing" really is the phrase for this stuff.
And too many people are fooled by the "if you don't run Windows Media Player with DRM then you must be a copyright-infringer" argument that's so easy to trot-out when someone demands that they be in control of their own computers.
"You don't have a firewall, you have a program that attempts to implement a network policy on your PC."
I'm not sure what level of sarcasm to read into your comment, but it's labelled "Windows Firewall"...
That's rather defeatist.
- Who needs to order the table? Give them a token which allows them to maintain an index of the obscured IDs.
- Who needs to handle references and JOINs? Let them use the hashed version of the ID.
- Who needs to do statistics on the data (e.g. totals from a sales column)? Give then a column of numbers which can be mathematically translated into the total without revealing individual amounts.
- Who needs to do a search? Give them the tokens that allow them to construct the correct query on obscured data.
- Who needs to decrypt a record? Put it's key somewhere constructed so only they can determine it.
Who needs to decrypt the entire database? Actually no-one.Most people already understand this well enough -- think of password files for example, where it's common practise to use hashes and salts, to remove sensitive data from view to a different location, etc.
Thing is, people don't do that most of the time because it's time-consuming and complex and requires lots of thought, not because it's impossible.
Good comments are written first, before the code, describing what the following code does.
That's because the design tools are crap, and you're left to use comments as a replacement for them.
I know what you mean, and I use comments that way all the time. But only because my company doesn't own a single decent UML, flowcharting, or outlining tool.
I have certain programs on my computer that can get past my firewall for various reasons. I often wonder about some of the biggest heists in the world, they're usually done by someone on the inside. If your network is locked down and something from the inside punches a hole in it how do you control any of that?
I'll put specific names where you've only talked generally. At work, I have a brand new Windows XP Pro machine. It had a built-in firewall which is designed to prevent internet access (in or out) without specific permission from me, the user and Administrator of that computer.
Some time later, I notice that InstallShield has successfully contacted the internet to update its list of programs. I checked the firewall again, and it was still set to "no internet access without user permission", and the exceptions were all turned off.
More recently, I was using Windows update, and noticed that it never popped up a window to ask whether I should allow this new program to access the internet. Come to think of it, Internet Explorer itself should never have had permission to connect according to the firewall settings as displayed. And I bet that if I tried, Windows Media Player would be able to download content from the internet regardless of firewall settings.
Insider job indeed! Sure, I could install a firewall from a company that I trust, and the problems would likely go away. But it rather reinforces the point about attacks being insider jobs (in this case, from programs)
The obvious (but perhaps offtopic) thing missing from that list is what some people call "Translucent databases", i.e. a database which is secure against someone with root access to it.
In the simplest case, that means not storing information that isn't required; what the database doesn't know it can't reveal. e.g. why did the SpreadFirefox.com crack reveal phone numbers? Why are universities' computers haemmoraging SSN's and dates of birth? Just don't store them unless they're specifically required.
For other things, you might need a unique identifier rather than a name, SSN, etc., so create one instead of using the actual data. e.g. giving the webstats department a database with a random identifier instead of username in the tables.
If you design your application with these principles in from the start (and I've taken this example from Peter Wayner's book), you can do things like hashing the ID fields with a salt, so that you can reference them, and search on them, but unless you know the salt, you can't look-up an individual item and know what it means.
Then there's data which will only ever be accessed or changed by the user themselves, so why not encrypt it with their password (which isn't stored in the database either) -- it might be inconvenient not being able to "just go in and fix stuff" if the user forgets their password, but sometimes it's worth it for when the database gets cracked and you can say for sure that no information was revealed.
Fake rows of information marked with tokens that require special knowledge to spot. Databases split between buildings. Values stored that require a certain number of users' collaboration to decode. Quantising data (e.g. access times in logs) so that you know approximately what happened when, but the bad guys can't search for a particular transaction by its timestamp -- There's plenty of security you can add to a database, even after you've installed the firewall and set a root password...
"It is certainly not popular to point out, but war is generally what advances civilization in terms of discovery, invention, etc."
That's why some of the African countries in the middle of civil war, are amongst the poorest people on earth, begging on our TV screens for food and medicine?
Just because a country is at war, doesn't mean their defence contractors have billions of dollars of surplus money to spend like some more local countries at war.
People do bad things using Linux on a daily basis including cracking, handling violent or child pornography
This is a taboo now, just liek child porn was? The UK law isn't even passed yet, and it's already forbidden to show cartoon characters hitting one another.
You are entitled to the source code to the missiles that just landed on your head under the terms of the GPL?
Uh, copyright law in general doesn't apply to people creating things for the government|military (any government|military) -- even GPL.
Plenty of people have been screwed by believing that the US government adhered to the Berne convention -- surely your GPL claim is even less significant than all those other *US, commercial* inventors that the federal government has ripped-off so recently?
Red Hat Linux, then Red Flag Linux, and now RedHawk Linux.
"RedHawk... it's like Chinese Communism, but more war-like!
Great branding effort, Lockheed Martin!