"It's been UK police policy for at least two decades [...] His post could have been a joke, or it could have been a crazy person who actually meant it. It's the job of the police to check which it is, and that may include arresting him."
That would seem quite a good policy. It's only that is *NOT* UK police policy as per the current example.
It's more "arrest first, then check" than the other way around.
"What determines the price of a scale is not just its equipment or accuracy.. but also the insurance the manufacturer has to carry in case something goes wrong."
What determines the price of any gizmo is a lot of a helluva of things but mainly what the consumer is wanting to pay. Medical systems are expected to be expensive so why charge less?
"Just make sure it's a non-exclusive license, or non-exclusive transfer of copyright."
Why? I already stated it: "review there's nothing you dislike". That he dislikes exclusive licensing or transferring copyrights is absolutly up to him (maybe he is completly OK with that provided there's enough money over the table). The lawyer is in place so he is reassured he understood the exact implications of what he's about to sign, not to put any forefront limits to what is signing.
"a teacher looked in a locker and saw a cardboard box filled with electronics and plasticine. I guess the terrorists won back then"
You can bet it. Plasticine is plasticine and electronics in a box are electronics in a box. Having the school evacuated was overreaction due to the "terror of terrorism".
The fact you don't even notice this is further proof of their victory.
Provided you are the only copyright holder of the software, just ask them for a big money chunk, half in advance, and tell they'll even be able to write the license themselves, so there's no doubt that's what they want. Get the license to a lawyer (you already have part of the money) to review there's nothing you dislike and then sign it up.
"In this day and age it should be possible to run a bit of software inside a box from which it will never escape. Its very simple."
The problem is that's very unseful too.
"No socket connections."
So no access to the Internet.
"No file system access."
So no permanent storage.
"No shared me memory access"
So no interprocess communication (yes, I'm aware of other means, but I bet he wants them banned too: look at his first "no").
So you end up with a computer that can't be harmed but can't do anything useful either. Well, just don't turn on the computer: same end effect, only easier.
"Simple solution to achieve your wish... Deport all the cheap labor Indians on H1-B visas and there would be a huge upswing in demand for domestic IT personnel."
Or else, a huge upswing in demand for attornies with experience on outsourcing companies to cheap labor countries like India.
" I'm not a survivalist per se but we keep plenty of food stores and several gallons of potable water handy in case of a natural (or even unnatural) disaster."
You store the food, I'll store the weapons. See what happens when I pay you a visit after the armaggedon.
"that depressed people need to cheer up and autistic kids just need a slap upside the head"
He don't think so. Instead, he does think (and so do I) that most children diagnosed autistic, depressed or hiperactive are not but just children in all his glory diversity and/or without enough careness.
I also have my own opinions about why a doctor would tend to diagnose something to belong to his discipline (for a man with a hammer...) or why pharmas would prefer 30% of global population consuming their pills instad of only 1% or why overburdened/careless parents would prefer to cope with their children by means of pills instead of their own energy and/or why they prefer to hear that any misconduct from their breed is not their fault but some illness out of their control.
Being that the case is that when a zero-day exploit is published big names are able to respond within hours I'll bet that yes, a month or two is quit enough. Of course, if you ask the question to the vendors themselves they'll want to answer that even the whole eternity is not enough for them since actually they don't give a damn about security unless heavily pressed to do so (as it happens to be case after a zero-day exploit is in the wild).
"These security researchers want *their* bugs to have top priority"
Only two choices: 1) They are right: "their" bugs are top priority and publishing them will demonstrate (and the vendors will learn about them for free). 2) They are wrong: "their" bugs are not so top priority; they'll publish them and the affected vendors will follow bussiness as usual fixing their top priority first, then those from the security firm (and they'll find about them for free).
All in all both the vendors and the market will end up with a net gain. Let's not forget that resposibility for buggy software *must* be on the side of those producing buggy software, not on those that ring the bell, or else Woodward and Bernstein would be the guilty side on the Watergate scandal, not Nixon.
"That's why they can build better cars at a far lower cost than their American competitors can, for example.
Ahh I was somehow under the false impression that they were able to make cheaper cars due to lower wages, less environmental regulations, and the lack of labor unions."
A false impresion indeed. Germany is not under lower wages, less environmental regulations and have strong unions. Despite of that they manage to build BMWs, Audis or Mercedes.
"In all fairness, (not trying to troll, honest) unions aren't for educated workers who can make rational decisions."
Because? On one hand you have big corporations with money even to press government to pass laws as they see fit, on the other hand your bare strengh. The only rational decision seems to be to unionize to counterbalance the hughe different in strenghs and power.
"Presto, no more late nights!"
And "Presto, no more money to pay for the mortage!"
"Methinks it is about time we got a professional body (or for those so inclined a union) [...] to make sure job stay local as the other professions do."
There are trades and trades. Just try to force a company to maintain its datacenter on local personnel and next you'll see is the datacenter being outsourced as a whole. How many japanese cars were roading in USA by the sixties?
On the other hand, for profiles that cannot be easily outsourced, yes, professional bodies and unions are the way to go no matter how "antiamerican" the big tycoons try to make it seem. What do you thing a corporation is but a union on the financial side? If the financial side can unionize why the labour part shouldn't?
"I'd worry about my government if they did nothing to encourage safe IT practices and if they did nothing but offer passive defense against the hackers employed by opposition countries."
You seem to forget we are not talking here about goverment IT services, do you? We are talking here about privately held bussiness. What the hell has government to do with them except getting away from their path as much as possible?
Quite to the point. Licenses are nothing but legal means to enforce an agenda. You can say how good is the license by how well it manages to push that given agenda. *If* your agenda is pushing for a community effort, both GPL and BSD allow for it *but* both of them have "holes" to counter such agenda.
The "hole" in the GPL is the one Monty saw: instead of a community effort, let's control all development (open source with closed community): that way we'll be able to double-license (now that Monty doesn't control MySQL intellectual property he whines about how he is able to double license no more).
The same goes with BSD, only it's even more obvious: you can get the codebase for free and use it as an starting point for your proprietary development (thus it can take years for PostgreSQL to get working replication out-of-the-box while there exists proprietary extensions for such a feature). This can obviously be exacerbated on a "closed community" environment where it's not only that the asked for feature is not developed but even rejected by the gurus.
Two more things:
1) The first "if" is a big one: in fact I don't think serious BSD adopters will accept it -they shouldn't choose such a license if they were in fact interested on an "open community" effort.
2) GPL is more resistant towards the "open community" model: at the start BSD and GPL are in reality quite the same (look at the ton of "solo show" developments on, say, freshmeat, even under the GPL) but for succedding projects a point arises where like in a snowball rolling down a hill benefits become so great that even companies find compelling to "lend" a bit of their code in order to get the massive amount of codebase they earn in exchange (Linux kernel being the paramount example) where BSD doesn't have such a "breaking point".
"MySQL was much more open and Monty/etc were investing their time to reimplement -instead of rejecting- into their proprietary fork what OSS community was contributing to GPL'ed MySQL."
Not that I'm aware of an example of this. To my knowledge proprietary licensed MySQL has to-date not a single code line that it is not on the GPL'ed version. But they certainly asked for copyright cesion or wouldn't accept a third party patch. But if they found the feature to be of interest they certainly would reimplement it and make it avaliable under double license if only because it's easier to mantain the code base that way while, at the same time, it wouldn't degrade their bussiness case (companies looking for licensed products don't do it because of the codebase itself but for other bussiness -not technical, reasons). Again, BSD doesn't favour (while not impedes) such behaviour.
"GPL is even more dependent on government force than proprietary software is"
Half true; GPL is not more government dependant than propietary software is and probably a bit less... but even this is utterly irrelevant since GPL's government dependency only needs to last for as long as government's support for proprietary software it works against.
"It's been UK police policy for at least two decades [...] His post could have been a joke, or it could have been a crazy person who actually meant it. It's the job of the police to check which it is, and that may include arresting him."
That would seem quite a good policy. It's only that it is *NOT* UK police policy as per the current example.
It's more "arrest first, then check" than the other way around.
"What determines the price of a scale is not just its equipment or accuracy.. but also the insurance the manufacturer has to carry in case something goes wrong."
What determines the price of any gizmo is a helluva lot of things, but mainly what the consumer is willing to pay. Medical systems are expected to be expensive, so why charge less?
"Just make sure it's a non-exclusive license, or non-exclusive transfer of copyright."
Why? I already stated it: "review there's nothing you dislike". Whether he dislikes exclusive licensing or transferring copyrights is absolutely up to him (maybe he is completely OK with that provided there's enough money on the table). The lawyer is there so he is reassured he understands the exact implications of what he's about to sign, not to put any up-front limits on what he is signing.
"a teacher looked in a locker and saw a cardboard box filled with electronics and plasticine. I guess the terrorists won back then"
You can bet on it. Plasticine is plasticine and electronics in a box are electronics in a box. Having the school evacuated was an overreaction due to the "terror of terrorism".
The fact you don't even notice this is further proof of their victory.
Provided you are the only copyright holder of the software, just ask them for a big chunk of money, half in advance, and tell them they'll even be able to write the license themselves, so there's no doubt that's what they want. Take the license to a lawyer (you already have part of the money) to review there's nothing you dislike and then sign it.
Easy.
"You know, I really love Iron Maiden... but I guess the WHO gets my vote now..."
You got it wrong, mate! We are talking about vaccines here, so it's not about *that* who, but Doctor Who.
"In this day and age it should be possible to run a bit of software inside a box from which it will never escape. Its very simple."
The problem is that's very unuseful too.
"No socket connections."
So no access to the Internet.
"No file system access."
So no permanent storage.
"No shared me memory access"
So no interprocess communication (yes, I'm aware of other means, but I bet he wants them banned too: look at his first "no").
So you end up with a computer that can't be harmed but can't do anything useful either. Well, just don't turn on the computer: same end effect, only easier.
"To my humble opinion, a good ISP needs to have good reliable equipement."
To my humble opinion, a good ISP needs to have good reliable *service*.
Ask e.g. Google to learn the difference.
"Simple solution to achieve your wish... Deport all the cheap labor Indians on H1-B visas and there would be a huge upswing in demand for domestic IT personnel."
Or else, a huge upswing in demand for attorneys with experience in outsourcing companies to cheap labor countries like India.
" I'm not a survivalist per se but we keep plenty of food stores and several gallons of potable water handy in case of a natural (or even unnatural) disaster."
You store the food, I'll store the weapons. See what happens when I pay you a visit after the Armageddon.
"I call bull.
I'll put up $1,000 as a bet that you can't tell when xrays are passing through you in a true blind test."
Of course not. Point being that X-Rays don't produce any kind of allergy.
"I'm not going to put words in your mouth"
But you seem to do it quite well.
"but if you are also of the belief"
He isn't.
"that depressed people need to cheer up and autistic kids just need a slap upside the head"
He doesn't think so. Instead, he does think (and so do I) that most children diagnosed as autistic, depressed or hyperactive are not, but are just children in all their glorious diversity and/or without enough care.
I also have my own opinions about why a doctor would tend to diagnose something as belonging to his discipline (for a man with a hammer...), or why pharmas would prefer 30% of the global population consuming their pills instead of only 1%, or why overburdened/careless parents would prefer to cope with their children by means of pills instead of their own energy, and/or why they prefer to hear that any misconduct from their breed is not their fault but some illness out of their control.
"A month or two is not enough time."
Given that when a zero-day exploit is published big names are able to respond within hours, I'll bet that yes, a month or two is quite enough. Of course, if you ask the question to the vendors themselves they'll want to answer that even the whole of eternity is not enough for them, since actually they don't give a damn about security unless heavily pressed to do so (as happens to be the case after a zero-day exploit is in the wild).
"We've had that discussion five years or so ago, hadn't we?"
Well, we had that discussion back in 1853 (http://en.wikipedia.org/wiki/Full_disclosure#History) so yes, it's growing a bit old now.
"If there were no attacks, vulns would be little problem"
There are attacks *because* there are vulnerabilities.
"As it is, your AV takes up a good chunk of your computer's resources and the botnets still send tons of spam."
Might it be because shoddy software vendors are still unwilling to do something *real* about it?
"These security researchers want *their* bugs to have top priority"
Only two choices:
1) They are right: "their" bugs are top priority and publishing them will demonstrate it (and the vendors will learn about them for free).
2) They are wrong: "their" bugs are not so top priority; they'll publish them and the affected vendors will follow business as usual, fixing their top priorities first, then those from the security firm (and they'll find out about them for free).
All in all, both the vendors and the market will end up with a net gain. Let's not forget that responsibility for buggy software *must* be on the side of those producing buggy software, not on those that ring the bell, or else Woodward and Bernstein would be the guilty side in the Watergate scandal, not Nixon.
"That's why they can build better cars at a far lower cost than their American competitors can, for example.
Ahh I was somehow under the false impression that they were able to make cheaper cars due to lower wages, less environmental regulations, and the lack of labor unions."
A false impression indeed. Germany does not have lower wages or fewer environmental regulations, and it has strong unions. Despite that, they manage to build BMWs, Audis or Mercedes.
"In all fairness, (not trying to troll, honest) unions aren't for educated workers who can make rational decisions."
Because? On one hand you have big corporations with money even to press government to pass laws as they see fit; on the other hand, your bare strength. The only rational decision seems to be to unionize to counterbalance the huge difference in strength and power.
"Presto, no more late nights!"
And "Presto, no more money to pay for the mortgage!"
"Methinks it is about time we got a professional body (or for those so inclined a union) [...] to make sure job stay local as the other professions do."
There are trades and trades. Just try to force a company to maintain its datacenter with local personnel and the next thing you'll see is the datacenter being outsourced as a whole. How many Japanese cars were on the road in the USA by the sixties?
On the other hand, for profiles that cannot be easily outsourced, yes, professional bodies and unions are the way to go no matter how "antiamerican" the big tycoons try to make it seem. What do you think a corporation is but a union on the financial side? If the financial side can unionize, why shouldn't the labour part?
"Or maybe we ARE plummeting into sun, but at a rate that is too slow to be observable."
Well, we ARE plummeting into the Sun at a very observable rate. It's only that such rate is exactly the same as the one at which we move to the side to avoid the mark.
"I'd worry about my government if they did nothing to encourage safe IT practices and if they did nothing but offer passive defense against the hackers employed by opposition countries."
You seem to forget we are not talking here about government IT services, don't you? We are talking here about privately held businesses. What the hell has government to do with them except getting away from their path as much as possible?
"But that is not per se BSD license weakness"
Quite to the point. Licenses are nothing but legal means to enforce an agenda. You can tell how good a license is by how well it manages to push that given agenda. *If* your agenda is pushing for a community effort, both GPL and BSD allow for it *but* both of them have "holes" to counter such an agenda.
The "hole" in the GPL is the one Monty saw: instead of a community effort, let's control all development (open source with closed community): that way we'll be able to double-license (now that Monty doesn't control MySQL intellectual property he whines about how he is able to double license no more).
The same goes with BSD, only it's even more obvious: you can get the codebase for free and use it as a starting point for your proprietary development (thus it can take years for PostgreSQL to get working replication out-of-the-box while there exist proprietary extensions for such a feature). This can obviously be exacerbated in a "closed community" environment where it's not only that the asked-for feature is not developed but even rejected by the gurus.
Two more things:
1) The first "if" is a big one: in fact I don't think serious BSD adopters will accept it - they shouldn't choose such a license if they were in fact interested in an "open community" effort.
2) GPL is more resistant towards the "open community" model: at the start BSD and GPL are in reality quite the same (look at the ton of "solo show" developments on, say, freshmeat, even under the GPL), but for succeeding projects a point arises where, like a snowball rolling down a hill, benefits become so great that even companies find it compelling to "lend" a bit of their code in order to get the massive amount of codebase they earn in exchange (Linux kernel being the paramount example), whereas BSD doesn't have such a "breaking point".
"MySQL was much more open and Monty/etc were investing their time to reimplement -instead of rejecting- into their proprietary fork what OSS community was contributing to GPL'ed MySQL."
Not that I'm aware of an example of this. To my knowledge proprietary licensed MySQL has to date not a single line of code that is not in the GPL'ed version. But they certainly asked for copyright cession or wouldn't accept a third party patch. But if they found the feature to be of interest they certainly would reimplement it and make it available under double license, if only because it's easier to maintain the code base that way while, at the same time, it wouldn't degrade their business case (companies looking for licensed products don't do it because of the codebase itself but for other business, not technical, reasons). Again, BSD doesn't favour (while not impeding) such behaviour.
"wtf, how is the BSD license "worse"?"
In exactly the same ways the parent post said it was "better".
"GPL is even more dependent on government force than proprietary software is"
Half true; GPL is not more government dependent than proprietary software is and probably a bit less... but even this is utterly irrelevant since GPL's government dependency only needs to last for as long as government's support for the proprietary software it works against.
"but PSQL has a better license."
No, it hasn't. It has a better community model backing it up (an open one) which is what puts it in a better position despite its worse license.
In other words: try to do to KDE or Debian what was done to MySQL and see what happens.