Older versions of Linux can be distributed under any version of the GPL ever published by the FSF, as per GPLv2 section 9, since they did not specify a version of the GPL.
Of course, it's actually GPLv2 or later, because several source files have the "v2 or later" clause.
Huh? Linux 2.0.40 is licensed under GPLv2, which explicitly states that the licensee may choose any version of the GPL, under certain conditions (which are met for 2.0.40). The fact that Linus now claims that he never intended that doesn't make it any less binding upon him.
In other words: the _default_ license strategy is always just the
particular version of the GPL that accompanies a project. If you want to
license a program under _any_ later version of the GPL, you have to state
so explicitly. Linux never did.
No. You think "v2 or later" is the default. It's not. The _default_ is to not allow conversion.
Linus is wrong. Linux 2.0.40 does not state a particular version of the GPL, and GPLv2 section 9 (as shipped with that version of Linux) states:
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
They really should pick another term besides "free", since the one they picked is designed to confuse people...
Nobody who actually takes the time to read any of the FSF's introductory material (e.g. the GPL's preamble, or The GNU Manifesto, or their "What is Free Software?" article) will have any confusion about the issue. The people who are confused are those who pass judgement on things without spending more than 250 milliseconds thinking about them.
Hell, the first thing you see when you visit the FSF's website is the following sentence:
Free software is a matter of liberty not price. You should think of "free" as in "free speech".
If the FSF is trying to spread confusion, they're not doing a very good job of it.
By congratulating Tridge in the way they did, the FSF shows that it is fundamentally hostile to the world of commercial software, period. This flies in the face of denials from its supporters that the FSF isn't anti-software business.
Assuming you're not trolling, your argument is essentially a straw man. The reality is that the FSF is hostile to proprietary software, which should hardly be a surprise.
If the FSF were opposed to commercial software, I doubt the GPL (the current version, as well as the GPLv3 draft) would say this:
You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee.
1. There is no way to formally prove in general that a program is logically correct . . . 2. A programming environment is either primitive-recursive (and thus very simple and doesn't offer too much for programming) or it is Turing complete and thus capable (in theory) to host every conceivable program . . . 3. There is always the problem of covert channels . ..
Let me guess: You're a CS major, or you are repeating what you heard from a CS major?
We're not anywhere close to approaching the theoretical limits of information security. All you need to do is to subscribe to any number of security announcement mailing lists (e.g. BugTraq or debian-security-announce) and you will see that the number of buffer overflows, arbitrary SQL injection vulnerabilities, and/tmp races -- problems for which solutions have been well-known for years if not decades -- is simply appalling. Heck, just look at the anti-virus industry (and more recently, the anti-spyware industry), something that would not exist if it weren't for the abysmally poor design of today's computing environments.
At least until we get these problems under control, I'm not interested in hearing sermons about Turing completeness, covert channels, and the theoretical futility of ideal information security.
none of my peers are at my 'level'(I'm not saying I'm a genius) so I can't learn anything from them nor can I teach them a whole lot
How much do you know about being a janitor? About fixing roads? About marketing? About lawyering? About herding cats? About skiing? About writing VBA code? About what it's like to have everyone (including yourself) think you're stupid? About playing a musical instrument? About bankruptcy court? About speaking a dozen languages? About doing any of the countless things that you don't do?
Most intelligent people eventually realize that the system of 'levels' that you speak of does not exist. People know different things about different fields, and you are doing everyone (including yourself) a disservice if you have an attitude that you can't learn *anything* from your peers. If you don't *want* to learn anything from your peers, then at least have the sense to realize that you are not generally "on a higher level" or "better" than them.
Um... If we're going to redesign everything anyway, in order to support logging and analyzing every event, why don't we just design security into the system this time, and actually *prevent* security breaches?
Because under FIPS, the only allowable algorithms are 3DES-CBC for encryption and SHA1 for HMAC. If you allow anything else to be used, it is not "FIPS compliant".
Could you cite your sources? From what I can tell, the FIPS140-2 list of Approved Security Functions includes AES, and Triple-DES, as well as (curiously) DES and Skipjack[1].
Approved hash functions include SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512. Keyed hashing must be done using HMAC, but you can use various DES MACs, as well as CCM mode, for message authentication.
Interestingly, what this basically means is that FIPS 140-2 compliance does not imply that your system is secure. All it means is that the government can use it.
[1] Can somebody please check this? I vaguely remember DES and Skipjack being withdrawn, but I can't find the documentation for that.
As to the last question, I would think that the obvious choice of contacting the user and asking for their name so that you could accurately cite them would be a logical course of action.
Indeed, or if that's not feasible for some reason, at least cite the username and the website you got it from. If that's not feasible, then cite "an unknown author" or something. You definitely do not take the credit for yourself!
Software patents are not an inherently bad idea...
Please stop talking out of your ass. Plenty of information, research, and even mathematical models are available that explain why software patents are an inherently bad idea. If you can't be bothered to do your research, then you should at least have the good sense to keep your mouth shut so you don't drown out those who have.
The closer your network connection approximates a non-existent network connection, the more secure you will be (against certain classes of attacks).
For even more security, you could also unplug your computer, evacuate it, encase it in several layers of plastic and concrete, and dump it somewhere off the continental shelf.
Unfortunately, that's not feasible, since it would have an adverse effect on the environment of the ocean floor.
And it's nearly impossible to force-remove a package (just delete all the damn files and forget about it!) if the associated removal script fails.
It happens to me, on occasion. I usually edit the script in/var/lib/dpkg/info/, find the offending rm or rmdir line (which is usually the problem), and append || true to it.
I should probably start filing bug reports with patches for these packages one of these days...
FYI, some of the stuff you can do in Matlab, you can also do in GNU Octave (which, IIRC, started out as a Matlab clone -- its syntax is largely compatible with Matlab's) just as easily.
Assume that almost all software -- including firewalls, anti-virus programs, and operating systems -- is crap, and probably has security holes. This is not an unreasonable assumption. Once you make that assumption, you can understand why companies put up so many barriers because all of the barriers are made of crap. This way, attackers have to sift through a lot of crap to get what they are after, and hopefully most will give up before succeeding.
Slashdot Mirror
Of course, it's actually GPLv2 or later, because several source files have the "v2 or later" clause.
Huh? Linux 2.0.40 is licensed under GPLv2, which explicitly states that the licensee may choose any version of the GPL, under certain conditions (which are met for 2.0.40). The fact that Linus now claims that he never intended that doesn't make it any less binding upon him.
No. You think "v2 or later" is the default. It's not. The _default_ is to not allow conversion.
Linus is wrong. Linux 2.0.40 does not state a particular version of the GPL, and GPLv2 section 9 (as shipped with that version of Linux) states:
(Emphasis added.)
Nobody who actually takes the time to read any of the FSF's introductory material (e.g. the GPL's preamble, or The GNU Manifesto, or their "What is Free Software?" article) will have any confusion about the issue. The people who are confused are those who pass judgement on things without spending more than 250 milliseconds thinking about them.
Hell, the first thing you see when you visit the FSF's website is the following sentence:
If the FSF is trying to spread confusion, they're not doing a very good job of it.
Assuming you're not trolling, your argument is essentially a straw man. The reality is that the FSF is hostile to proprietary software, which should hardly be a surprise.
If the FSF were opposed to commercial software, I doubt the GPL (the current version, as well as the GPLv3 draft) would say this:
CSS, anyone?
Good analogy.
Let me guess: You're a CS major, or you are repeating what you heard from a CS major?
We're not anywhere close to approaching the theoretical limits of information security. All you need to do is to subscribe to any number of security announcement mailing lists (e.g. BugTraq or debian-security-announce) and you will see that the number of buffer overflows, arbitrary SQL injection vulnerabilities, and /tmp races -- problems for which solutions have been well-known for years if not decades -- is simply appalling. Heck, just look at the anti-virus industry (and more recently, the anti-spyware industry), something that would not exist if it weren't for the abysmally poor design of today's computing environments.
At least until we get these problems under control, I'm not interested in hearing sermons about Turing completeness, covert channels, and the theoretical futility of ideal information security.
How much do you know about being a janitor? About fixing roads? About marketing? About lawyering? About herding cats? About skiing? About writing VBA code? About what it's like to have everyone (including yourself) think you're stupid? About playing a musical instrument? About bankruptcy court? About speaking a dozen languages? About doing any of the countless things that you don't do?
Most intelligent people eventually realize that the system of 'levels' that you speak of does not exist. People know different things about different fields, and you are doing everyone (including yourself) a disservice if you have an attitude that you can't learn *anything* from your peers. If you don't *want* to learn anything from your peers, then at least have the sense to realize that you are not generally "on a higher level" or "better" than them.
The Wi-Fi manufacturers need to quit acting like children and publish their interface specs.
Um... If we're going to redesign everything anyway, in order to support logging and analyzing every event, why don't we just design security into the system this time, and actually *prevent* security breaches?
Eh? I thought RIM's hardware only runs signed firmware...
Could you cite your sources? From what I can tell, the FIPS 140-2 list of Approved Security Functions includes AES, and Triple-DES, as well as (curiously) DES and Skipjack[1].
For AES, the ciphers can be operated in the ECB, CBC, CFB, OFB, CTR, CMAC, and CCM modes of operation.
Approved hash functions include SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512. Keyed hashing must be done using HMAC, but you can use various DES MACs, as well as CCM mode, for message authentication.
Interestingly, what this basically means is that FIPS 140-2 compliance does not imply that your system is secure. All it means is that the government can use it.
[1] Can somebody please check this? I vaguely remember DES and Skipjack being withdrawn, but I can't find the documentation for that.
Indeed, or if that's not feasible for some reason, at least cite the username and the website you got it from. If that's not feasible, then cite "an unknown author" or something. You definitely do not take the credit for yourself!
People are amazing.
No, KDE/GNU/Linux. It's KDE running on top of GNU/Linux, not the reverse.
Please stop talking out of your ass. Plenty of information, research, and even mathematical models are available that explain why software patents are an inherently bad idea. If you can't be bothered to do your research, then you should at least have the good sense to keep your mouth shut so you don't drown out those who have.
For even more security, you could also unplug your computer, evacuate it, encase it in several layers of plastic and concrete, and dump it somewhere off the continental shelf.
Unfortunately, that's not feasible, since it would have an adverse effect on the environment of the ocean floor.
$RANT_ABOUT_IP_MISNOMER
Because OF COURSE he subscribes to a Judeo-Christian religion...
Nonsense! It's a great measure of how good a person is at doing IQ tests...
It's not "reverse racism". It's racism.
And it's nearly impossible to force-remove a package (just delete all the damn files and forget about it!) if the associated removal script fails.
It happens to me, on occasion. I usually edit the script in /var/lib/dpkg/info/, find the offending rm or rmdir line (which is usually the problem), and append || true to it.
I should probably start filing bug reports with patches for these packages one of these days...
FYI, some of the stuff you can do in Matlab, you can also do in GNU Octave (which, IIRC, started out as a Matlab clone -- its syntax is largely compatible with Matlab's) just as easily.
Awesome! So Werner *was* wrong, after all!
Assume that almost all software -- including firewalls, anti-virus programs, and operating systems -- is crap, and probably has security holes. This is not an unreasonable assumption. Once you make that assumption, you can understand why companies put up so many barriers because all of the barriers are made of crap. This way, attackers have to sift through a lot of crap to get what they are after, and hopefully most will give up before succeeding.