Anybody else find it funny that the Trustix website has their own Apache default page?
From trustix.net:
If you can see this, it means that the installation of the Trustix operating system and the Apache web server software on this system was successful. You may now add content to this directory and replace this page.
Seeing this instead of the website you expected?
This page is here because the site administrator has changed the configuration of this web server. Please contact the person responsible for maintaining this server with questions. The Apache Software Foundation, which wrote the web server software this site administrator is using, or Comodo Trustix, who packaged it, has nothing to do with maintaining this site and cannot help resolve configuration issues. In other words, there is a great chance your message will be IGNORED.
I think RMS ends up agreeing with you. DRM is kewl with *you* have the keys to your own computer to regulate it's function. It's bad with somebody else has the keys to restrict your freedom. In that the DRM clauses of GPLv3 only prohibit the latter, I think it's a good compromise.
I'm surprised that Rhythmbox didn't make the list of iTunes replacements. It looks like iTunes, it interacts with your iPod in a similar fashion, and it even supports DAAP. Other than the iTMS, it's almost a complete replacement.
"Just to make it clear: It's not actually the new section 3 ('3. Digital Restrictions Management.') That I object to, like some people seem to think. That section I don't even worry too much about. The part of the GPLv3 that I'm most worried about is the new parts to section 1." According to Torvalds, this "is the one that seems to disallow digitally signed binaries (or rather: you can sign the binaries any way you want, but you have to make your private keys available)."
Isn't Linux wrong about this? It doesn't require you to make your private keys available unless the preferred execution environment requires binaries to be signed only by a certain person. This seems aimed at TiVO. If you have to have TiVO's keys to make a modified version run, then TiVO has to provide their signing keys. But if you can make your modified copy run just as well with by signing it with your own primary keys, the author doesn't have to provide their keys.
This just seems consistent with Stallman -- you can't use cryptography to subvert the freedom of the end user.
Does anybody else despise CNN's word choice of "fails" in this headline? The Senate "fails" implies that it is something that should have been done but they were simply unable to achieve. How about a more neutral word, like "declines"?
-jag
When I quit my last job, they had two weeks to do their best to milk me for domain knowledge I had about the systems I had been administering. I had to train my replacement best I could. Otherwise, there would have been a break in continuity of administration. If they shut you out immediately and told you to take a two week vacation, they don't get the benefit of your experience or domain knowledge about the systems you worked on. If you're that expendable, fine. Get over it, and enjoy your vacation. If you're not, smile an evil grin about them being fux0red in your absence.
-jag
There are most definitely reasons for a rewrite, and most of them have to with developments that have taken our industry by storm since 1991 and which will continue to impact us in the near future. The GPLv2 does not successfully account for many of these.
Some questions which will likely be considered in the GPLv3 drafting process:
1) Back in 1991, the GPL was written centered on specifics to United States Copyright Law. With the diversification of international copyright law since the Berne convention -- some countries have implemented various manifestations of DMCA like laws, others have not -- how does a license that must govern international transactions of copyright account for these discrepancies?
2) How can software patents encumber free software? For example, let's say I write a word processor that is licensed under the GPLv2 and I submit and receive a patent for my word processor document format. If you write a derivative work of my word processor, are you infringing on my patent? Does that violate the principles of software freedom?
3) How does Trusted Computing encumber free software? For example, let's say I write the software for a DVR that uses GPL software and is licensed under the GPL. But let's further say that my DVR used TPM, and it won't run the DVR software if it is not signed with my private key. You can modify the source, and you may even be able to load a modified binary back onto the DVR, but without me signing your binary, it won't run. Does that violate the principles of software freedom?
I don't know the answers. They haven't been decided yet. These may not be all the questions -- they may not be among the questions. But that these questions are out there are symbolic of the need for a community-driven effort to reassess the future of software freedom.
The GPLv3 process will be a discussion of the free software community on how we can best ensure that the essential freedoms the GPL tries to protect are in fact protectable. And though rms is the final arbiter of what GPLv3 will actually be, these are questions that we the free software community as a whole need to discuss.
The mailing list info-gplv3 is how rms is going to announce developments in the process (e.g. draft releases). Additionally, there will be opportunities for volunteers to contribute to the drafting process beyond offering your two-cents, which will also be solicited via the info-gplv3 mailing list. The "I want to participate" basically translates to: "Keep me informed on what's going on so that I can make informed choices about my own involvement." Except that would have been a wee-bit wordy for a web form button.:-)
"For example, it requires certain patent licenses be given that the GPL does not require. (We don't think those patent license requirements are inherently a bad idea, but nonetheless they are incompatible with the GNU GPL.)"
They might get taken more seriously if they edited their report better...
The numbers for 2004 are rounded historical data are estimated to the nearest dollar because of the change in the way that ISOO reports the estimated number.
Another Another measurable indicator of the cost of secrecy in dollar terms is the amount of money estimated to cost the American taxpayer for every new secrecy decision.
The hard part is not using technology to anonymize sources; that's something that can be straighforwardly done using any of the darknets out there.
What's hard is that sources should never remain anonymous from reporters. We trust reporters to screen out the authentic/useful information from the fluff. Even if a reporter doesn't print the name of a source, they must know the identity to be able to ascertain the credibility and the motivations of the source providing the information. It is precisely the reporter's ability to create an informed opinion that makes them worthy of being printed, and pure anonymity deprives the press of that ability.
-jag
Yeah. Shitty article. But...
We use OpenLDAP for a single signon in house... it was really ridiculously easy... The best part is that you can simply paste additional schemata onto the same leaves... We started using it as the staff directory for our email clients... then we made it also work as the user database for a Jabber server... we then added a VPN server that uses Radius to authenticate off of it using the radiusprofile schema... then we turned it into a Samba3 domain controller using nsswitch by adding the sambaSamAccount and posixAccount schemata... The flexibility has been incredible...
How is that better than AD? I don't know -- I've never used AD. AD from what I understand is accessible through LDAP. *shrug*
-j00
-jag
Slashdot Mirror
So if I have a server with two of these, it's a dual Core 2 Duo? -j00bar
Anybody else find it funny that the Trustix website has their own Apache default page?
From trustix.net:
I think RMS ends up agreeing with you. DRM is kewl with *you* have the keys to your own computer to regulate it's function. It's bad with somebody else has the keys to restrict your freedom. In that the DRM clauses of GPLv3 only prohibit the latter, I think it's a good compromise.
-jag
I'm surprised that Rhythmbox didn't make the list of iTunes replacements. It looks like iTunes, it interacts with your iPod in a similar fashion, and it even supports DAAP. Other than the iTMS, it's almost a complete replacement.
-jagIsn't Linux wrong about this? It doesn't require you to make your private keys available unless the preferred execution environment requires binaries to be signed only by a certain person. This seems aimed at TiVO. If you have to have TiVO's keys to make a modified version run, then TiVO has to provide their signing keys. But if you can make your modified copy run just as well with by signing it with your own primary keys, the author doesn't have to provide their keys.
This just seems consistent with Stallman -- you can't use cryptography to subvert the freedom of the end user.
-jagDoes anybody else despise CNN's word choice of "fails" in this headline? The Senate "fails" implies that it is something that should have been done but they were simply unable to achieve. How about a more neutral word, like "declines"? -jag
When I quit my last job, they had two weeks to do their best to milk me for domain knowledge I had about the systems I had been administering. I had to train my replacement best I could. Otherwise, there would have been a break in continuity of administration. If they shut you out immediately and told you to take a two week vacation, they don't get the benefit of your experience or domain knowledge about the systems you worked on. If you're that expendable, fine. Get over it, and enjoy your vacation. If you're not, smile an evil grin about them being fux0red in your absence. -jag
There are most definitely reasons for a rewrite, and most of them have to with developments that have taken our industry by storm since 1991 and which will continue to impact us in the near future. The GPLv2 does not successfully account for many of these.
Some questions which will likely be considered in the GPLv3 drafting process:
1) Back in 1991, the GPL was written centered on specifics to United States Copyright Law. With the diversification of international copyright law since the Berne convention -- some countries have implemented various manifestations of DMCA like laws, others have not -- how does a license that must govern international transactions of copyright account for these discrepancies?
2) How can software patents encumber free software? For example, let's say I write a word processor that is licensed under the GPLv2 and I submit and receive a patent for my word processor document format. If you write a derivative work of my word processor, are you infringing on my patent? Does that violate the principles of software freedom?
3) How does Trusted Computing encumber free software? For example, let's say I write the software for a DVR that uses GPL software and is licensed under the GPL. But let's further say that my DVR used TPM, and it won't run the DVR software if it is not signed with my private key. You can modify the source, and you may even be able to load a modified binary back onto the DVR, but without me signing your binary, it won't run. Does that violate the principles of software freedom?
I don't know the answers. They haven't been decided yet. These may not be all the questions -- they may not be among the questions. But that these questions are out there are symbolic of the need for a community-driven effort to reassess the future of software freedom.
The GPLv3 process will be a discussion of the free software community on how we can best ensure that the essential freedoms the GPL tries to protect are in fact protectable. And though rms is the final arbiter of what GPLv3 will actually be, these are questions that we the free software community as a whole need to discuss.
-jag, a.k.a. jag@fsf.org
The mailing list info-gplv3 is how rms is going to announce developments in the process (e.g. draft releases). Additionally, there will be opportunities for volunteers to contribute to the drafting process beyond offering your two-cents, which will also be solicited via the info-gplv3 mailing list. The "I want to participate" basically translates to: "Keep me informed on what's going on so that I can make informed choices about my own involvement." Except that would have been a wee-bit wordy for a web form button. :-)
-jag, a.k.a. jag@fsf.org
There are ***many*** GPL-compatible free software licenses:
http://www.gnu.org/licenses/license-list.html#GPLEclipse happens to be incompatible:
"For example, it requires certain patent licenses be given that the GPL does not require. (We don't think those patent license requirements are inherently a bad idea, but nonetheless they are incompatible with the GNU GPL.)"
They might get taken more seriously if they edited their report better...
Sorry to nitpick.
-j00Why do you assume he's into humans? Condoms are for sex with anything! -j00
The hard part is not using technology to anonymize sources; that's something that can be straighforwardly done using any of the darknets out there. What's hard is that sources should never remain anonymous from reporters. We trust reporters to screen out the authentic/useful information from the fluff. Even if a reporter doesn't print the name of a source, they must know the identity to be able to ascertain the credibility and the motivations of the source providing the information. It is precisely the reporter's ability to create an informed opinion that makes them worthy of being printed, and pure anonymity deprives the press of that ability. -jag
If you're having trouble seeing the article, try this: Google Cache
Yeah. Shitty article. But... We use OpenLDAP for a single signon in house... it was really ridiculously easy... The best part is that you can simply paste additional schemata onto the same leaves... We started using it as the staff directory for our email clients... then we made it also work as the user database for a Jabber server... we then added a VPN server that uses Radius to authenticate off of it using the radiusprofile schema... then we turned it into a Samba3 domain controller using nsswitch by adding the sambaSamAccount and posixAccount schemata... The flexibility has been incredible... How is that better than AD? I don't know -- I've never used AD. AD from what I understand is accessible through LDAP. *shrug* -j00 -jag
"And I, for one, welcome our new zombie dog overlords." -j00