Software patents are bad, yet they still exist, and you have to live with that reality. Red Hat is not just filing for defensive patents, it is also pouring resources into patent reform. In an ideal world, software patents would be a non-issue, and Red Hat is at the forefront of making that a reality.
In the current reality, it's impossible for OSS to infringe on Red Hat's patents because of the patent promise which is legally binding and irrevocable. I have no idea what Red Hat's strategy for infringement from non-OSS software is, but it sounds like it's a 'live and let live' attitude. As long as you don't attack Red Hat with your patents, Red Hat won't come after you with theirs. Given reality, that seems an entirely sensible and prudent stance.
The big problem with ecommerce is that privacy laws in the US are very, very weak. Database Nation by Simson Garfinkel has a very nice description of why the US considered privacy legislation in the 70's, congress came up with recommendations and failed to pass laws based on these recommendations. Most European countries did, though.
The recommendations, and the legal situation in most European countries, are:
Tell people what information you are going to store about them.
Do not share this information with others unless people give you permission to do so.
Everybody has a right to know what information you are storing about them.
The lack of these kinds of protections in the US is what makes me very wary of using lots of ecommerce, since the situation here is more: give us as much information about you as possible, we will generate some more from your use of our service and then run with it. What scares me is the secrecy of the whole process, the fact that it is almost impossible to find out who is doing what with your data and how it will affect you in the future. Will raising a stink with Amazon.com make it more difficult for me to get a house loan in the future ?
Without privacy laws on the books, we are headed for a future similar to Kafka's Trial: companies make decisions about you based on information about you that is essentially secret. Until I as a consumer have certain rights to review my data and find out about it, I don't want those ecommerce sites to build a "web of trust" about my online shopping behavior. Don't give them any ideas.
Your theology is horribly flawed. We are indeed directed to do unto others as we would have them do unto us. That is nearly diametrically opposite to forcing others to do what we want them to do. Coercion is not free-will. Without free will, there is no chance for goodness, nor for any choice whatsoever.
Little case study: I give my car to my buddy for the weekend. I tell him:"Give it back to me Sunday night because I need to drive to work with it Monday morning. And, BTW, don't drive drunk. If you wreck the car I'll come after you." I just coerced my buddy and seriously curtailed his free will. What about his free will to keep the car for a week ? What about his free will to get wasted, drive the car into a tree and smile ? I am such a tyrant.
The GPL is nothing like that. It is not a free gift, being kind and generous and decent even to those who use those gifts in ways that the doner disapproves of.
I still think that any code I write belongs to me. So I get to say what people can do with it. The GPL sets forth rules that protect my minimal interests: you can play with it, you can poke at it, you can change it, but no thanks, you cannot take the rights away from others that I just gave you. I'd call that ingratitude. And what's wrong with putting in writing that you expect a little bit of gratitude ?
Actually, if you forget the root password, you don't need a boot disk to fix it: boot into single user mode (usually by typing linux single at the LILO prompt). Once the system comes up, you are in a root shell and can run passwd to your heart's content.
I can't believe that that's not possible in NT. After all, if somebody has physical access to a machine and can power-cycle it, you're beyond the protection that a password can give you anyway...
I think this is at the very heart of the NSA's operation. At least, the US crypto policies make only sense in the context of industrial espionage. Those big bad terrorists won't be kept from strong crypto just because American companies don't export it. But if you run any kind of company abroad, chances are that you'll just use off-the-shelf programs for email etc. If those programs don't provide strong crypto, many foreign companies won't go through the trouble of using it. And the NSA/CIA have easier listening.
There are quite a few cases where the NSA/CIA handed information they had gleaned from their signals operations abroad to US companies. Some German politicians estimate that this type of espionage (mainly by the US and France) costs the German economy billions of dollars each year. But of course, you don't want to piss off your biggest ally by protesting too forcefully against these things.
It's very tempting to hope that XML will solve all the problems that config files cause. I don't think that it would get us that far.
The main purpose of XML is to add machine-readable semantics to data by marking that string up as an address and this string as a last name. To create the grand unified config DTD, we would need to describe the semantics of all those config files in a grand unified way. For simple config files of the key-value type this would be great: mark the key 'background' as <COLOR> and the config file editor knows that a color chooser needs to be popped up. A config DTD would at least relieve the burden of writing yet another crummy key-value parser and make all kinds of config editors possible.
For other kinds of config files this seems very hard. For one, many config files are really written in some kind of (often braindead) language: think of sendmail.cf or procmail files or.emacs files. Each config file is really a program in a language that can at least do ifs; it would be great to replace all this little languages by one consistent language, but that replacement would help the computer little to understand the semantics of the config file - and therefore no go for the grand unified config editor.
A Swedish teenager has to go to court because his website contains links to copyright-protected music. The Swedish recording industry is trying to create a precedent with this suit.
Stockholm - The 17-year old Swede Tommy Olsson is being accused of providing copyright-protected music for free download on his webpage. The suit has been brought by the Swedish branch of the International Federation of the Phonographic Industry (IFPI) consisting of 53 record companies. Olssons webpage contained links to the music files. His attorney Per Olof Almer argued that Olsson didn't create, copy or transfer the files himself. "He only spread the information on where to find them".
This is the first case of its kind in Europe said the attorney for the recording industry, Magnus Maartenson. The Swedish IFPI has moved against approximately 1000 websites for copyright violations in the last two years. Tommy Olsson though is the first person who has to appear in court because of his website. The music industry quite obviously is trying to create a legal precedent with this case: "It's not about the whole recording industry pushing on one 17-year old" emphasized Maartensson.
Olsson made only a few hundred dollars from advertisements on his webpage said Maartensson. If found guilty, he will have to pay a fine of 150 to 250 Dollars. This amount will not be enough to deter others said Maartensson. "But if he is found guilty, we can sue him for damages and that will be a much bigger amount." The sentence is expected for next Wednesday.
Will "Der Spiegel" now sue me for copyright infringement ? Things are getting crazy on the web
I think the advent of all those MS "competitors" amounts to little more than to holes in Swiss cheese.
What bothers me much more is that, even if MS is found guilty, the verdict will be way too late. One of the big arguments against MS is that they are exploiting and magnifying network effects, meaning that since everybody is already using MS products and they supposedly work well together, since it's more efficient to write applications for a big installed base etc. they have a much easier sell than their competition.
The current antitrust laws are horribly inadequate since they concentrate on punishment, way after the damage has been done. It's similar to shutting down the fire department and diverting all the funds to convicting arsonists. You'll get the guilty at the cost of a lot of charred houses.
A more proactive set of laws would be much more useful. Forcing open standards on software companies to ensure vendor-independent interoperability would be a possible start. Instead of punishing improper business practices, much more attention should be paid to emerging network effects and to keeping the impact of these effects as small as possible.
Possible solutions might violate the spirit of a free market as it is understood today, but would surely increase the common good for society. After all, free markets aren't a natural phenomenon. A free market is what our laws define it to be.
RedHat would be silly to pour their marketing money into a product that can be easily associated with a competitor. Yes, it sucks, but thats the market.
RedHat would be even sillier to enter more deals 'X for RedHat Linux'. I can only think of two reasons that would definitely force me to switch from RedHat: (a) if they pull some technical crap that makes their distro clearly inferior to others (b) if they pull some marketing crap that tries to dominate the distro market not on technical merit but incompatible lockins.
Then again, as Joe Average I'm probably no longer in the market segment that RedHat is after. Any attempt at balkanizing Linux will kill RedHat's longterm viability, they will be sawing on the branch they're sitting on. And the Linux community is much more vigilant than the Windows community was when Microsoft succeeded in locking everybody into their product. If RedHat tries, they will face outrage, boycotts etc. way before their strategic moves could benefit them.
RedHat would be very well advised to avoid even the appearance of trying to corner the distro market. 'CodeWarrior for RedHat Linux' is a PR disaster at best.
I am very impressed by this very clueful decision.
I think it's rather funny that the statement harps very much on the economic need for strong crypto. It sounds like some people read the recent report by the EU and din't like what it said. The statement mentions that information is becoming a raw material which needs to be protected and only gives passing note to privacy concerns. I wonder how many of the hard-lobbying German companies have been burnt by inadequate crypto; I remember a few stories about German companies losing technological advantages because their latest and greatest R&D was picked off from insecure emails etc.
It also states that the German government will try to raise crypto awareness, so not only will they allow its development, sell and use but they will actually promote crypto and an understanding of why it is important.
I'm appalled by these findings. I always dismissed stories of what the spooks are listening to as totally blown out of proportion. Not any more. After reading the technical details section in the report it seems clear that the NSA so far must be ecstatic with joy over the popularity of the Internet: less pesky voice recognition, less error-prone handwriting recognition, more digital food, easy to digest, high in information content and relatively easy to filter.
I think the best way to make the spooks life harder is for as many people as possible to use strong crypto: the more well-encrypted messages they listen to the more resources they have to dedicate to the much harder task of breaking strong crypto rather than developing strong filters.
If I were a company interested in keeping my stuff secret, I wouldn't buy any American software: the Lotus example in the report is ridiculous --- does the US government really need a convenient way of listening in on the Swiss governments internal dealings ?
The only reasonable choice is Free Software. Use GPG, hit on it, beat on it, try to break it until we can believe it's reasonably secure.
Fill the Internet with encrypted noise to get the spooks sweating. It's not important if they can break your 'Happy birthday, Mom!' message; but all those encrypted 'Happy birthday' messages might keep them from reading the stuff you really don't want anybody to read.
I highly agree. I read that thread "GNU == unspeakable evil" on gnu.misc.discuss. It was completely ridiculous: Christiansen got rubbed the wrong way by the FSF claiming that there was no free Perl documentation. He went on long raves and rants to show how stupid the FSF is and that the Perl doc was free. Problem was he was talking about free beer, they were talking about free speech. But no matter how many people pointed that difference out to him, he wouldn't stop complaining. And complain he did, in the most hideous ways.
From that whole incident, I got the impression that Christiansen might be the worlds greatest programmer, but outside of technical matters it's almost impossible to reason with him on a logical basis. This posting is just more of the same: come to a conclusion, scurry around for some arguments and season with a lot of insults (like 'scummy').
I am not the biggest RMS fan in the world, but I'd rather think about RMS arguments (which at least contain some logic) than Christiansens hodge-podge of mainly enormous anger. It's very sad to see somebody of great technical talent like Christiansen foam from the mouth so much.
The Electronic Frontier Foundation built custom chips to crack DES by brute force. It took them $250000 and a few months to design the whole thing. I forget how long it took them to crack a DES key, but it wasn't very long.
They wrote a nice-to-read book about it all. It's online somewhere on replay.com . An excellent read. I'm surprised that UNC guy didn't mention it.
The scary thing is that $250000 or $60000 is pocket change for the NSA guys. I don't want to know how long it takes them to break DES keys.
At least in the case of Netscape, this is a very strange view: Tim Berners-Lee tested his ideas at CERN in Geneva, which is funded by several governments; then some people at the NCSA (government funded) thought it would be a good idea to implement a browser for this web-thingy. Then Andreesen met Jim Clark, convinced him that that would be a great business idea, hired all his coworkers (who had developed their crucial know-how on government money) and went to unbelievable success.
No, Netscape was not created by the government. But government funding was crucial to get it to a point where something could be shown to investors to get them interested.
BTW, how do you think Universities fund their research ? NSF, NIH, Army, Navy, Air Force.
Slashdot Mirror
Software patents are bad, yet they still exist, and you have to live with that reality. Red Hat is not just filing for defensive patents, it is also pouring resources into patent reform. In an ideal world, software patents would be a non-issue, and Red Hat is at the forefront of making that a reality.
In the current reality, it's impossible for OSS to infringe on Red Hat's patents because of the patent promise which is legally binding and irrevocable. I have no idea what Red Hat's strategy for infringement from non-OSS software is, but it sounds like it's a 'live and let live' attitude. As long as you don't attack Red Hat with your patents, Red Hat won't come after you with theirs. Given reality, that seems an entirely sensible and prudent stance.
The big problem with ecommerce is that privacy laws in the US are very, very weak. Database Nation by Simson Garfinkel has a very nice description of why the US considered privacy legislation in the 70's, congress came up with recommendations and failed to pass laws based on these recommendations. Most European countries did, though.
The recommendations, and the legal situation in most European countries, are:
The lack of these kinds of protections in the US is what makes me very wary of using lots of ecommerce, since the situation here is more: give us as much information about you as possible, we will generate some more from your use of our service and then run with it. What scares me is the secrecy of the whole process, the fact that it is almost impossible to find out who is doing what with your data and how it will affect you in the future. Will raising a stink with Amazon.com make it more difficult for me to get a house loan in the future ?
Without privacy laws on the books, we are headed for a future similar to Kafka's Trial: companies make decisions about you based on information about you that is essentially secret. Until I as a consumer have certain rights to review my data and find out about it, I don't want those ecommerce sites to build a "web of trust" about my online shopping behavior. Don't give them any ideas.
Your theology is horribly flawed. We are indeed directed to do unto others as we would have them do unto us. That is nearly diametrically opposite to forcing others to do what we want them to do. Coercion is not free-will. Without free will, there is no chance for goodness, nor for any choice whatsoever.
Little case study: I give my car to my buddy for the weekend. I tell him:"Give it back to me Sunday night because I need to drive to work with it Monday morning. And, BTW, don't drive drunk. If you wreck the car I'll come after you." I just coerced my buddy and seriously curtailed his free will. What about his free will to keep the car for a week ? What about his free will to get wasted, drive the car into a tree and smile ? I am such a tyrant.
The GPL is nothing like that. It is not a free gift, being kind and generous and decent even to those who use those gifts in ways that the doner disapproves of.
I still think that any code I write belongs to me. So I get to say what people can do with it. The GPL sets forth rules that protect my minimal interests: you can play with it, you can poke at it, you can change it, but no thanks, you cannot take the rights away from others that I just gave you. I'd call that ingratitude. And what's wrong with putting in writing that you expect a little bit of gratitude ?
Actually, if you forget the root password, you don't need a boot disk to fix it: boot into single user mode (usually by typing linux single at the LILO prompt). Once the system comes up, you are in a root shell and can run passwd to your heart's content.
...
I can't believe that that's not possible in NT. After all, if somebody has physical access to a machine and can power-cycle it, you're beyond the protection that a password can give you anyway
I think this is at the very heart of the NSA's operation. At least, the US crypto policies make only sense in the context of industrial espionage. Those big bad terrorists won't be kept from strong crypto just because American companies don't export it. But if you run any kind of company abroad, chances are that you'll just use off-the-shelf programs for email etc. If those programs don't provide strong crypto, many foreign companies won't go through the trouble of using it. And the NSA/CIA have easier listening.
There are quite a few cases where the NSA/CIA handed information they had gleaned from their signals operations abroad to US companies. Some German politicians estimate that this type of espionage (mainly by the US and France) costs the German economy billions of dollars each year. But of course, you don't want to piss off your biggest ally by protesting too forcefully against these things.
It's very tempting to hope that XML will solve all the problems that config files cause. I don't think that it would get us that far.
.emacs files. Each config file is really a program in a language that can at least do ifs; it would be great to replace all this little languages by one consistent language, but that replacement would help the computer little to understand the semantics of the config file - and therefore no go for the grand unified config editor.
The main purpose of XML is to add machine-readable semantics to data by marking that string up as an address and this string as a last name. To create the grand unified config DTD, we would need to describe the semantics of all those config files in a grand unified way. For simple config files of the key-value type this would be great: mark the key 'background' as <COLOR> and the config file editor knows that a color chooser needs to be popped up. A config DTD would at least relieve the burden of writing yet another crummy key-value parser and make all kinds of config editors possible.
For other kinds of config files this seems very hard. For one, many config files are really written in some kind of (often braindead) language: think of sendmail.cf or procmail files or
17-year old Swede sued
A Swedish teenager has to go to court because his website contains links to copyright-protected music. The Swedish recording industry is trying to create a precedent with this suit.
Stockholm - The 17-year old Swede Tommy Olsson is being accused of providing copyright-protected music for free download on his webpage. The suit has been brought by the Swedish branch of the International Federation of the Phonographic Industry (IFPI) consisting of 53 record companies. Olssons webpage contained links to the music files. His attorney Per Olof Almer argued that Olsson didn't create, copy or transfer the files himself. "He only spread the information on where to find them".
This is the first case of its kind in Europe said the attorney for the recording industry, Magnus Maartenson. The Swedish IFPI has moved against approximately 1000 websites for copyright violations in the last two years. Tommy Olsson though is the first person who has to appear in court because of his website. The music industry quite obviously is trying to create a legal precedent with this case: "It's not about the whole recording industry pushing on one 17-year old" emphasized Maartensson.
Olsson made only a few hundred dollars from advertisements on his webpage said Maartensson. If found guilty, he will have to pay a fine of 150 to 250 Dollars. This amount will not be enough to deter others said Maartensson. "But if he is found guilty, we can sue him for damages and that will be a much bigger amount." The sentence is expected for next Wednesday.
Will "Der Spiegel" now sue me for copyright infringement ? Things are getting crazy on the web
I think the advent of all those MS "competitors" amounts to little more than to holes in Swiss cheese.
What bothers me much more is that, even if MS is found guilty, the verdict will be way too late. One of the big arguments against MS is that they are exploiting and magnifying network effects, meaning that since everybody is already using MS products and they supposedly work well together, since it's more efficient to write applications for a big installed base etc. they have a much easier sell than their competition.
The current antitrust laws are horribly inadequate since they concentrate on punishment, way after the damage has been done. It's similar to shutting down the fire department and diverting all the funds to convicting arsonists. You'll get the guilty at the cost of a lot of charred houses.
A more proactive set of laws would be much more useful. Forcing open standards on software companies to ensure vendor-independent interoperability would be a possible start. Instead of punishing improper business practices, much more attention should be paid to emerging network effects and to keeping the impact of these effects as small as possible.
Possible solutions might violate the spirit of a free market as it is understood today, but would surely increase the common good for society. After all, free markets aren't a natural phenomenon. A free market is what our laws define it to be.
RedHat would be even sillier to enter more deals 'X for RedHat Linux'. I can only think of two reasons that would definitely force me to switch from RedHat: (a) if they pull some technical crap that makes their distro clearly inferior to others (b) if they pull some marketing crap that tries to dominate the distro market not on technical merit but incompatible lockins.
Then again, as Joe Average I'm probably no longer in the market segment that RedHat is after. Any attempt at balkanizing Linux will kill RedHat's longterm viability, they will be sawing on the branch they're sitting on. And the Linux community is much more vigilant than the Windows community was when Microsoft succeeded in locking everybody into their product. If RedHat tries, they will face outrage, boycotts etc. way before their strategic moves could benefit them.
RedHat would be very well advised to avoid even the appearance of trying to corner the distro market. 'CodeWarrior for RedHat Linux' is a PR disaster at best.
I think it's rather funny that the statement harps very much on the economic need for strong crypto. It sounds like some people read the recent report by the EU and din't like what it said. The statement mentions that information is becoming a raw material which needs to be protected and only gives passing note to privacy concerns. I wonder how many of the hard-lobbying German companies have been burnt by inadequate crypto; I remember a few stories about German companies losing technological advantages because their latest and greatest R&D was picked off from insecure emails etc.
It also states that the German government will try to raise crypto awareness, so not only will they allow its development, sell and use but they will actually promote crypto and an understanding of why it is important.
This rocks !
I'm appalled by these findings. I always dismissed stories of what the spooks are listening to as totally blown out of proportion. Not any more. After reading the technical details section in the report it seems clear that the NSA so far must be ecstatic with joy over the popularity of the Internet: less pesky voice recognition, less error-prone handwriting recognition, more digital food, easy to digest, high in information content and relatively easy to filter.
I think the best way to make the spooks life harder is for as many people as possible to use strong crypto: the more well-encrypted messages they listen to the more resources they have to dedicate to the much harder task of breaking strong crypto rather than developing strong filters.
If I were a company interested in keeping my stuff secret, I wouldn't buy any American software: the Lotus example in the report is ridiculous --- does the US government really need a convenient way of listening in on the Swiss governments internal dealings ?
The only reasonable choice is Free Software. Use GPG, hit on it, beat on it, try to break it until we can believe it's reasonably secure.
Fill the Internet with encrypted noise to get the spooks sweating. It's not important if they can break your 'Happy birthday, Mom!' message; but all those encrypted 'Happy birthday' messages might keep them from reading the stuff you really don't want anybody to read.
I highly agree. I read that thread "GNU == unspeakable evil" on gnu.misc.discuss. It was completely ridiculous: Christiansen got rubbed the wrong way by the FSF claiming that there was no free Perl documentation. He went on long raves and rants to show how stupid the FSF is and that the Perl doc was free. Problem was he was talking about free beer, they were talking about free speech. But no matter how many people pointed that difference out to him, he wouldn't stop complaining. And complain he did, in the most hideous ways.
From that whole incident, I got the impression that Christiansen might be the worlds greatest programmer, but outside of technical matters it's almost impossible to reason with him on a logical basis. This posting is just more of the same: come to a conclusion, scurry around for some arguments and season with a lot of insults (like 'scummy').
I am not the biggest RMS fan in the world, but I'd rather think about RMS arguments (which at least contain some logic) than Christiansens hodge-podge of mainly enormous anger. It's very sad to see somebody of great technical talent like Christiansen foam from the mouth so much.
The Electronic Frontier Foundation built custom chips to crack DES by brute force. It took them $250000 and a few months to design the whole thing. I forget how long it took them to crack a DES key, but it wasn't very long.
They wrote a nice-to-read book about it all. It's online somewhere on replay.com . An excellent read. I'm surprised that UNC guy didn't mention it.
The scary thing is that $250000 or $60000 is pocket change for the NSA guys. I don't want to know how long it takes them to break DES keys.
At least in the case of Netscape, this is a very strange view: Tim Berners-Lee tested his ideas at CERN in Geneva, which is funded by several governments; then some people at the NCSA (government funded) thought it would be a good idea to implement a browser for this web-thingy. Then Andreesen met Jim Clark, convinced him that that would be a great business idea, hired all his coworkers (who had developed their crucial know-how on government money) and went to unbelievable success.
No, Netscape was not created by the government. But government funding was crucial to get it to a point where something could be shown to investors to get them interested.
BTW, how do you think Universities fund their research ? NSF, NIH, Army, Navy, Air Force.