So by your logic, I could say that Linux isn't free of charge, because I have to pay for hardware to run it on and hard drive to store it on. Or maybe you know where I can get decent modern hardware free of charge?
Yes, IE is free as in beer. Just like Opera, Safari, and other programs for Windows are free as in beer. Free as in freedom was not being compared. The OP wrote "commercial programs". IE is not a commercial programs. It is freeware.
Because it's not a commercial product we're not going to get the IE experience where the lazy bastards never fix anything and just add features that are broken.
IE is not "commercial product", so your comparison is pointless. By the way, you seem to have missed the fact that Mozilla Coproration (yes, they had to create a corporation because the foundation couldn't handle all the money), the Mozilla Corp. gets tens of milions of dollars a year from Google, as their search box defaults to Firefox. And that is not charity sponsorship, but commercial deal. Firefox is free, but on commercial basis (unlike IE, which is free and doesn't generate any revenue).
For your information, when a publisher publishes e.g. a book written by Mr. Smith, then Mr. Smith remains the copyright holder. Besides, open source is international, so you would need to know something about hundreds of different jurisdictions. Go figure.
Just another good reason to have contributors gift the copyright in their work to the project itself, eg. the FSF or mozilla.org.
In many jurisdictions, you cannot assign (let alone give up) copyright. It protects implicit personal author right. It cannot be given up. Good luck relying on and enforcing your copyright assignment sheets.
Wrong. You can't use GPLed software in any non-GPL software even though the software is Free and Open Source (e.g. Apache License, Mozilla License, BSD, etc.).
Why? Because the GPL requires that the whole software must be licensed under the GPL. Now imagine a large open source project consisting of portions written by hundreds of authors. Some of them dead, some of them impossible to find or contact. As you cannot get their permission for relicensing, you cannot use any GPL code in your software. That's how GPL actually PREVENTS co-operation and sharing in the Open Source and Free Software world.
You are wrong. Internet Explorer escapes URLs correctly. There is no problem with https:/// ftps:// news:// ldap:// and other protocol handlers. It is only the UNKNOWN (to Windows and MS) firefoxurl:// protocol that neither Windows nor MS know HOW TO ESCAPE CORRECTLY! How can they know which URLs are acceptable? How can they know that it shall conform to e.g. HTTP 1.0 spec? It doesn't know which characters to escape or strip and not break the thing. Read what the security researcher said.
IE doesn't sanitise the input. IE's the one building the command line.
God, read TFA. Neither Windows nor IE can know that "chrome" is an insecure word that needs to be taken care of in a special manner. It's Firefox who interprets and executes the "chrome" stuff. Read TFA.
So, maybe you know the answer... Let's see... How exactly is Internet Explorer supposed to know that "chrome" is an insecure keyword that can execute scripts in SOME program out there?
So, um, once again, how exactly is Internet Explorer supposed to know that "chrome" is an insecure keyword that can execute scripts in SOME program out there?
This is certainly not an IE bug, but sloppy security design in Firefox. From TFA:
Meanwhile, Kristensen of Secunia said: "A new URI handler was registered on Windows systems to allow Web sites to force launching Firefox if the 'firefoxurl://' URI was called, like ftp://http:/// or similar would call other applications."
But because of the way the URI handler was registered by Firefox, it causes any parameter--which activates a program to perform a particular task--to be passed from Microsoft's Internet Explorer, or another application, to Firefox, when firefoxurl:// is activated.
An attacker may use "chrome" context--the interface elements of a browser that create the frame around its page displays--to inject code on a user's system that would be executed within Firefox, Kristensen said.
"Registering the URI handler must be done with care, since Windows does not have any proper way of knowing what kind of input potentially could be dangerous for an application," said Kristensen. "For example, how should Windows know that the string 'chrome' could be dangerous for Firefox."
As for XP, yes, the 64-bit version is really minor. However, based on our product stats, about 15% of Vistas are 64-bit. Now, if you realize that the Linux desktop share is only about 1%, I can assure you that 64-bit Windows is at least 1000 times more mainstream than Linux.
You guys seem to be treating copyright law and works protected by copyright like public domain. Also, it is also a very difficult, time-consuming and complex task to decide who holds copyright to which part of a derived work when hundreds of people collaborate. That's why it's nearly impossible to decide which portions of the kernel would need to be rewritten from scratch. Without the consent of all the hundreds of kernel developers, it's practically infeasible to do it legally.
Re:OpenSolaris
on
GPLv3 Released
·
· Score: 2, Informative
Given that, what would be required for such a change would be for Torvalds (or someone else) to publish his intent to start making releases with the new license, as a legal notice.
Torvalds is not the copyright holder of the software released by other copyright holders under GPL2 without the "v2 or any later" clause (except portions of the software he wrote himself). Hence, if he ever attempts to release it under a different license (v3 or whatever) without the consent of the copyright holders, he immediately violates copyright law (remember, he's not the copyright holder and only the copyright holder can change the license terms).
Vistas been out for a few months; XP has been out for more than half a decade. Obviously there are more known bugs in XP than Vista.
You're obviously good at taking things out of context. If you read TFA (or at least the Slashdot summary), you'll know the context. TFA talks about vulnerabilities discovered in the 6 months after Vista release. You didn't really think I claimed that there were only 36 vulnerabilities discovered in XP in 6 years of its existence?
the difference between a bug and a vulnerability is the intelligence of the attacker
The difference can be observed on the numbers: There are hundreds of known bugs, but only a few known vulnerabilities in Windows. Claiming that all bugs can be turned into vulnerabilities is... inherent (and in some cases even provable) nonsense.
First, the author of the submission doesn't know the difference between a bug and a vulnerability. Second, the title ought to read: "Vista Vulnerabilies are Less Serious than in XP" (and there are fewer vulnerabilities in Vista than in XP in total).
That's the reason why only half of them were fixed while in XP most of them.
Long ago, OSI decided to abandon registration of "Open Source" alone, in my opinion on bad advice from their then legal counsel.
Any half-decent lawyer would tell you that it is impossible to get a trademark for something that refers solely to quality, features, class, sort, or attributes.
For example, you cannot trademark the phrase "big red" and than control its use to describe features of different products from different sources.
Officially: "A trademark includes any word, name, symbol, or device, or any combination used, or intended to be used, in commerce to identify and distinguish the goods of one manufacturer or seller from goods manufactured or sold by others, and to indicate the source of the goods."
You are wrong. Steve Jobs showed a "goal" chart where there were only two browsers -- IE (75%) and Safari (25%). It follows that one of the goals is to kill Firefox, Opera et al.
you don't actually *own* software that you purchase
If you owned Windows by buying one copy of it, you could e.g. start selling it. Ownership of software (as opposed to ownership of a copy) means ownership of intellectual property rights, i.e. ownership of copyright. You didn't that by buying a copy you own the software, did you.
but both US and EU copyright laws have explicit exceptions that allow a legal owner of a copy of software to run it
Yes, but you become "a legal owner of a copy of software" only if you agree to the license. Any software you get close to in the US and EU is implicitly (i.e. by default) protected by copyright. You must first acquire rights to use the copyrighted work. To do so, you must agree to the license. That's why GPL and other licenses indeed do work, regardless of any EULA limits that law may or may not impose.
That would be true if we were discussing law, but we're not (or at least, I wasn't.)
So if you say, for example, "copyright", it may mean something else than what is meant when discussing law? If you say the word "relicense" or "release under a new license" it only means one thing, no matter what you believe it means (or what you believed it meant).
When I informed you that you don't know the meaning of the word relicense and that you incorrectly believed that BSD = public domain, you tried to offend me (as being too pedantic). I'm done with this thread. I'm sure you now know what "to relicense" means, so I hopefully wasn't wasting my time completely.
Slashdot Mirror
So by your logic, I could say that Linux isn't free of charge, because I have to pay for hardware to run it on and hard drive to store it on. Or maybe you know where I can get decent modern hardware free of charge?
Yes, IE is free as in beer. Just like Opera, Safari, and other programs for Windows are free as in beer. Free as in freedom was not being compared. The OP wrote "commercial programs". IE is not a commercial programs. It is freeware.
Because it's not a commercial product we're not going to get the IE experience where the lazy bastards never fix anything and just add features that are broken.
IE is not "commercial product", so your comparison is pointless. By the way, you seem to have missed the fact that Mozilla Coproration (yes, they had to create a corporation because the foundation couldn't handle all the money), the Mozilla Corp. gets tens of milions of dollars a year from Google, as their search box defaults to Firefox. And that is not charity sponsorship, but commercial deal. Firefox is free, but on commercial basis (unlike IE, which is free and doesn't generate any revenue).
Spare me your "bollocks" word. Thanks.
For your information, when a publisher publishes e.g. a book written by Mr. Smith, then Mr. Smith remains the copyright holder. Besides, open source is international, so you would need to know something about hundreds of different jurisdictions. Go figure.
Just another good reason to have contributors gift the copyright in their work to the project itself, eg. the FSF or mozilla.org .
In many jurisdictions, you cannot assign (let alone give up) copyright. It protects implicit personal author right. It cannot be given up. Good luck relying on and enforcing your copyright assignment sheets.
you can't use GPLed software in non-free software
Wrong. You can't use GPLed software in any non-GPL software even though the software is Free and Open Source (e.g. Apache License, Mozilla License, BSD, etc.).
Why? Because the GPL requires that the whole software must be licensed under the GPL. Now imagine a large open source project consisting of portions written by hundreds of authors. Some of them dead, some of them impossible to find or contact. As you cannot get their permission for relicensing, you cannot use any GPL code in your software. That's how GPL actually PREVENTS co-operation and sharing in the Open Source and Free Software world.
You are wrong. Internet Explorer escapes URLs correctly. There is no problem with https:/// ftps:// news:// ldap:// and other protocol handlers. It is only the UNKNOWN (to Windows and MS) firefoxurl:// protocol that neither Windows nor MS know HOW TO ESCAPE CORRECTLY! How can they know which URLs are acceptable? How can they know that it shall conform to e.g. HTTP 1.0 spec? It doesn't know which characters to escape or strip and not break the thing. Read what the security researcher said.
IE doesn't sanitise the input. IE's the one building the command line.
God, read TFA. Neither Windows nor IE can know that "chrome" is an insecure word that needs to be taken care of in a special manner. It's Firefox who interprets and executes the "chrome" stuff. Read TFA.
Internet Explorer is making a user-initiated request and passing it to Firefox. Firefox doesn't sanitize input. Go figure.
So, maybe you know the answer... Let's see... How exactly is Internet Explorer supposed to know that "chrome" is an insecure keyword that can execute scripts in SOME program out there?
So, um, once again, how exactly is Internet Explorer supposed to know that "chrome" is an insecure keyword that can execute scripts in SOME program out there?
This is certainly not an IE bug, but sloppy security design in Firefox. From TFA:
," said Kristensen. "For example, how should Windows know that the string 'chrome' could be dangerous for Firefox."
Meanwhile, Kristensen of Secunia said: "A new URI handler was registered on Windows systems to allow Web sites to force launching Firefox if the 'firefoxurl://' URI was called, like ftp:// http:/// or similar would call other applications."
But because of the way the URI handler was registered by Firefox, it causes any parameter--which activates a program to perform a particular task--to be passed from Microsoft's Internet Explorer, or another application, to Firefox, when firefoxurl:// is activated.
An attacker may use "chrome" context--the interface elements of a browser that create the frame around its page displays--to inject code on a user's system that would be executed within Firefox, Kristensen said.
"Registering the URI handler must be done with care, since Windows does not have any proper way of knowing what kind of input potentially could be dangerous for an application
No. When someone says 1000 times more, it may not be literal. I forgot this is Slashdot, where everything is taken literally...
As for XP, yes, the 64-bit version is really minor. However, based on our product stats, about 15% of Vistas are 64-bit. Now, if you realize that the Linux desktop share is only about 1%, I can assure you that 64-bit Windows is at least 1000 times more mainstream than Linux.
You guys seem to be treating copyright law and works protected by copyright like public domain. Also, it is also a very difficult, time-consuming and complex task to decide who holds copyright to which part of a derived work when hundreds of people collaborate. That's why it's nearly impossible to decide which portions of the kernel would need to be rewritten from scratch. Without the consent of all the hundreds of kernel developers, it's practically infeasible to do it legally.
Given that, what would be required for such a change would be for Torvalds (or someone else) to publish his intent to start making releases with the new license, as a legal notice.
Torvalds is not the copyright holder of the software released by other copyright holders under GPL2 without the "v2 or any later" clause (except portions of the software he wrote himself). Hence, if he ever attempts to release it under a different license (v3 or whatever) without the consent of the copyright holders, he immediately violates copyright law (remember, he's not the copyright holder and only the copyright holder can change the license terms).
Could this be an attempt to strike back for this or perhaps this? (EU:Google 2:1)
Or rather a lame attempt to weaken the impact of things like this?
Vistas been out for a few months; XP has been out for more than half a decade. Obviously there are more known bugs in XP than Vista.
You're obviously good at taking things out of context. If you read TFA (or at least the Slashdot summary), you'll know the context. TFA talks about vulnerabilities discovered in the 6 months after Vista release. You didn't really think I claimed that there were only 36 vulnerabilities discovered in XP in 6 years of its existence?
the difference between a bug and a vulnerability is the intelligence of the attacker
... inherent (and in some cases even provable) nonsense.
The difference can be observed on the numbers: There are hundreds of known bugs, but only a few known vulnerabilities in Windows. Claiming that all bugs can be turned into vulnerabilities is
First, the author of the submission doesn't know the difference between a bug and a vulnerability. Second, the title ought to read: "Vista Vulnerabilies are Less Serious than in XP" (and there are fewer vulnerabilities in Vista than in XP in total).
That's the reason why only half of them were fixed while in XP most of them.
Long ago, OSI decided to abandon registration of "Open Source" alone, in my opinion on bad advice from their then legal counsel.
Any half-decent lawyer would tell you that it is impossible to get a trademark for something that refers solely to quality, features, class, sort, or attributes.
For example, you cannot trademark the phrase "big red" and than control its use to describe features of different products from different sources.
Officially: "A trademark includes any word, name, symbol, or device, or any combination used, or intended to be used, in commerce to identify and distinguish the goods of one manufacturer or seller from goods manufactured or sold by others, and to indicate the source of the goods."
You are wrong. Steve Jobs showed a "goal" chart where there were only two browsers -- IE (75%) and Safari (25%). It follows that one of the goals is to kill Firefox, Opera et al.
you don't actually *own* software that you purchase
If you owned Windows by buying one copy of it, you could e.g. start selling it. Ownership of software (as opposed to ownership of a copy) means ownership of intellectual property rights, i.e. ownership of copyright. You didn't that by buying a copy you own the software, did you.
in the UK and EU
;-)
Nitpick: UK is a member of the EU, so the UK part was redundant.
but both US and EU copyright laws have explicit exceptions that allow a legal owner of a copy of software to run it
Yes, but you become "a legal owner of a copy of software" only if you agree to the license. Any software you get close to in the US and EU is implicitly (i.e. by default) protected by copyright. You must first acquire rights to use the copyrighted work. To do so, you must agree to the license. That's why GPL and other licenses indeed do work, regardless of any EULA limits that law may or may not impose.
That would be true if we were discussing law, but we're not (or at least, I wasn't.)
So if you say, for example, "copyright", it may mean something else than what is meant when discussing law? If you say the word "relicense" or "release under a new license" it only means one thing, no matter what you believe it means (or what you believed it meant).
When I informed you that you don't know the meaning of the word relicense and that you incorrectly believed that BSD = public domain, you tried to offend me (as being too pedantic). I'm done with this thread. I'm sure you now know what "to relicense" means, so I hopefully wasn't wasting my time completely.