Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Editorial

Alan Cox talks about laws... and Linux 375

This set of interview responses from Linux hacker Alan Cox is overtly political, in line with the questions we asked him on May 6th. Alan doesn't just talk about problems here but proposes sensible solutions for them. Very nice. Thanks, Alan.

1) European DMCA
by Yohahn

Given that you won't visit the USA given the enactment of the DMCA. If the DMCA equivalent passes in Europe, will you move? If so, is there anywhere that is safe from this kind of insane law (it sounds like peru may be a new haven for free software)?

Alan:

It's very hard to fight laws in foreign countries. Dmitry for example was almost certainly chosen because he was Russian. It's sadly much easier to win a case in almost any country when you use your historical enemies and prejudices to set the precedents. "Foreigner attacking US business interests" just sounds so much better in court than "clever kid helping his grandma read ebooks", especially when someone notices you can easily get a longer sentence for helping grandma read than kicking her down the stairs.

In the EU we are doing what we can to make the EUCD harm limited, and also trying to educate politicians on the damage they have done. If we can tell them in advance the problems the EUCD is going to cause we can help them frame futher law to prevent those abuses, and to update it.

Knowing the EUCD will trip up its much easier to ensure that there is a nail bed where it will land and you know when to stick your foot out as it streamrollers past, than it is to attempt to hit it head on. We've already had some interesting pointers. In a recent case the judge accepted that the law favoured the bad guys, but said openly that had it been brought up several other ways they would have had no defence. So we have some good ideas how to hit back.

See www.eurorights.org and www.fipr.org for more information

I will be staying put for now. Its my job to hell fight the EUCD just as its the US folks duty to fight the DMCA if they believe in the values the USA claims to hold high. Maybe someone can find a way to use the US flag to defeat a copy protection system. That should make a most entertaining hearing.

Slowly the political wheel is turning, although not entirely in ways I like. The european parties advocating that the nation comes before europe and before international treaties are winning more and more votes. Sadly these parties also advocate racism and forced repatriation of foreigners. It is becoming very important for a lot of reasons that mainstream parties recognize what is going on, otherwise there is a real risk the racists will win real power, because it may be the only way people can vote for these other extremely important political changes.

2) What is your political goal?
by Capt_Troy

What is the goal you hope to obtain in regard to the DMCA dispute? How to you intend to meet those goals ?

Personally, I think that as time passes, people will become more and more technical and eventually the absurdity of the DMCA will be exposed on a more general population than just the techies that it is now. So the best means to an end IMHO is educating the general public. Is this your intention?

Alan:

The ultimate goal has to be to find a middle way that addresses both the rights of copyright holders to protection of their works, and the rights of society to ensure those protections are limited and don't do harm to the general good. Copyright was invented for government censorship and military purposes. It became something for the good of society, and the USA acquired it in that form. Its important it remains for the good of society.

The truth is that the DMCA has no value at all in stopping piracy, only in stopping innovation. It takes one person to break the protection on something and the game is over. That person may be anywhere and well beyond US law. What you can do is to deal with the actual folk who distribute such material. Lets face it, to get a copy of something on the internet you must be able to find it. If you can find it, so can law enforcement.

We need to get to a point where people who actual commit real crimes are punished not people who make tools that might be misused. The 'logic' of the DMCA extended to other regimes makes grim reading for any US citizen:

Photocopiers can be used to copy - ban them, control the libraries

Typewriters can be used to make copies - license then
Web sites can be used to publish illegal material - license/censor them

Which leaves you with a state remarkably similar to the old stalinist block.

The SSSCA mark two and the digital TV rights in the USA are very similar problems. The digital TV one is confused by the fact that encryption of free to air digital tv is heavily restricted in the USA. It isn't in the UK which makes that simpler and you can get Digital TV cards here. The UK encrypted to air TV people went spectacularly bankrupt but thats market forces at work.

I'd like to see the SSSCA stuff solved by market forces and sanity too. Let the Hollywood folks make themselves an antitamper PCI or USB2 hardware card that has only encrypted data in, a smartcard slot for per user rights management and an SVGA analogue overlay/analogue out. If the market is right they can sell/give away such hardware and make a profit on the films. No software system will survive a cracker long, and indeed things like vmware already make a mockery of software only stuff like windows digital media protection since people can record the audio output of the virtual pc trivially.

A tamperproof hardware card also means they can publish all the programming information to load and play movies on it with any OS. That will cut down the number of people interested in cracking it by 99% too.

Keep the government well out of it. Neither Hollywood or the US government (or indeed government in general) has been very good at meddling with technology and innovation. The SSSCA mark 2 is basically an attempt by the studios to make someone else pay for the technology they want to use to sell their product. Thats utterly cynical misuse of power. If its worth doing - let them pay for it.

Educating the public assumes you have access to media that the public proper read and which sees the DMCA as bad. You don't, the media empires helped create that law. That makes such a process very slow and hard to achieve as it has to be done person by person.

3) Microsoft .NET and Linux
by SL33Z3

What are your feelings on Microsoft's .NET and any initiatives to make the technology work on Linux?

Alan:

Microsoft has publically stated that it has patents on critical parts of .NET and will enforce them. If you think that .NET is a good idea, or cloning .NET is a good idea, remember you won't have a US market unless they find you amusing enough to allow to live on. And if you think Microsoft can be trusted on this look at their recent activities against Samba.

The system itself is mildly interesting as a technology. Its yet another virtual machine, roughly equivalent to picojava in capabilities. It has an interesting way to self generate IDL, but one which their own papers say cannot represent all programming languages.

The more dangerous parts of all this are not so much .NET but chunks of the model that not only the .NET product and the Java standards rely on. Things like xmlrpc, soap and the stuff on top of them are designed to "interwork through firewalls". A better phrase would be "go through the firewall like a knife through butter in a way that prevents the companies involved monitoring the activity".

When all you have is an encrypted SSL session how are you going to figure out if its a legitimate bit of ebusiness with a related company or someone in your company uploading your entire company customer database?

4) Organizing the OSS community for activism
by akb

Free software programmers and the extended community are arguably the most organized non-hierarchical, grassroots constituency in the world. The community includes the tens of thousands developers and millions of endusers tightly networked through institutions like sourceforge, slashdot, countless LUGs, etc. The ability to produce projects of the scale and complexity of the Linux kernel, the Debian distribution, or the engineering behind the Internet itself is a testament to the community's ability to organize more than anything else.

Despite this incredible organizing for software production, support and distribution very little of this gets translated into the political realm. In his last slashdot interview [slashdot.org] Lawerence Lessig chided the community for this.

Organizers of traditional political campaigns for social justice or equitable distribution of power would drool over having a constituency as organized as that which we have. How do you think the community can translate its effective organizing in the technical arena into the political realm?

Alan:

Most organised grassroots constituency. Nowhere near. It's an elitist rather unrepesentative bunch of lazy people. They have far too small an overlap with the masses or with the political powers. I also think that the church would probably find any claim of that nature by the free software people rather funny. Walk into a random record shop and say "Tipper Gore" then, assuming you survive, count the percentage of people who don't know. Repeat the same by going into a random pcworld type computer shop but saying "EFF". The mainstream awareness just is not there.

The way you fix that is to get up off said backsides and write to politicians, propose alternatives, write letters to the mainstream newspapers and organise events to publicize things. Unfortunately everyone thinks it will be OK because someone else will get up off their backside instead.

You achieve change because everyone gets off their backsides and does stuff. Gandhi didn't free India alone, women didn't get the vote because one person rang the prime ministers office and asked for it. The same goes for much smaller and less important goals too.

5) The end of cheap "open" hardware?
by I91MM

It looks like us PC hardware hackers are likely to have a much harder time in the next ten to twenty years as the average (desktop) PC becomes increasingly integrated. I see a trend away from the PC of today towards an increasingly closed 'black box' where the components are no longer a set of cards which are easily replacable. This is inevitable, especially at the lower end of the PC market, since increasing integration leads to lower costs for the manufacturers. Correspondingly, custom hardware will become more expensive and be increasingly restricted to the high end...

How do you think such a trend away from "open" hardware would affect open source development, especially at the lower end of the spectrum? As the computer becomes more and more of a mysterious black box, do you think that the would-be hardware hackers of tomorrow are more likely to turn towards software and application development, and would this be mostly good or mostly bad for open source software (more applications/systems programmers, but fewer hardware-level programmers)?

Alan:

The desktop PC is an anachronism already to most people. The high flexibility of the system makes it scary to use, expensive to manufacture, and hard to make reliable. PC's are also noisy, they are hard to reset to the state they arrived in without losing your personal data and so forth.

The low cost sealed box PC is an inevitability, and one that is badly needed to push computing on a stage. It is much cheaper to do safety and approvals work on a system that the user can't poke a screwdriver inside and which doesn't contain connectors sticking up off the board like small aerials.

I don't see all custom hardware getting more expensive, or the inability to fit cards as a problem. If the entire system is cheaper than the new card it is a quite serious recycling problem rather than a financial one. A lot of electronics hackers have found things like USB very good too. Its not hard to write USB devices and its a great way to plug fun electronics into a PC, USB even provides device power for you.

There is a temptation for some manufacturers to make it deliberately hard to twiddle with a computer, to fit non standard external connectors and the like but I'm hopeful the market will address that - preferably better than it did laptop docking stations.

I'm also not sure sealed boxes make less "open" hardware in the free software sense. It may even be advantageous. If the systems are very integrated it becomes easier for all OS vendors to handle things like driver writing because there are less drivers to write. A piece of silicon is pretty opaque without the manual whether you have to saw the box open or undo screws.

It might mean a reduction in the number of programmers with good hardware experience, it might also mean there are more good programmers free to work on the next critical things - user interfaces, security models, or replacing the current web services garbage with something that is scalable and can be made to work for example

6) Free vs Commercial
by div_2n

With free versions of software such as Open Office constantly improving, what place do you perceive commercial software to have in the free software world as free alternatives mature to an acceptable and usable state?

Alan:

It really comes down to people having a business model that justifies the extra cost of their proprietary product, both in convenience to the user and development cost to them.

Sometimes that equation makes real sense. For example I'm sick of deleting bug reports from people with the Nvidia kernel modules. I've talked to Nvidia folks about why they do it. The bottom line is that I can't make a good case for them to open source it. Their worries about what it might do to their performance relative to competitors are quite well founded.

If the governments would do something properly about the Microsoft monopoly, patent abuse and other false pressures the markets ought to sort it out. Right now its not the "invisible hand" guiding the markets its the "lobbyists jackboots"

7) Beards?
(Score:5, Funny)
by WinstonSmith

I've been programming a computer since I was 8 years old. I'm 29 now. That's 21 years of "experience". Lately, however, I've come to the realization that I'm never going to make it "big" unless I grow a Big Ole Programmer's Beard. I'd like to think it's possible to be a wise UNIX guru without one, but I think it would be easier if I had a beard. A big one.

My question is: Since my wife won't let me grow the Big Ole Programmer's Beard, what should I do to make it "big" in the world of UNIX gurus?

Alan:

You could try a disguise kit. Maybe a stick on beard would work? I'm glad to see that you have at least decided the wife is more important than a beard.

Linus is proof that you can change the world without a beard, even by accident. In my opinion you have to do two things to be a Unix guru. Firstly you need to know a lot about the system and the philosophy. Being able to say "V7 was the last real Unix" and justify your claim is a good test. Secondly you need to be actively helping and teaching other people that knowledge - which in turn also improves yours immensely. If you want the holes in your knowledge showing up try teaching someone.

8) The future of Linux
by halftrack

With the rise of KDE3, increased user friendlyness and "simple" distros such as Mandrake and Lindows. Do you belive the development of Linux and the open source comunity would be harmed in any way, if Linux ever became mainstream?

Alan:

Linux is already mainstream in the embedded world and in the server world. Take a look at the huge Wall Street companies using Linux if you doubt that.

The desktop is much more challenging, but I don't actually see it as a "problem" if it becomes mainstream. It will certainly add pressure to improve standardisation work in the LSB for the user interface libraries.

The bigger challenge in terms of not breaking the OS is embedded. The drive for size is not that major a problem but the goal of extremely good real time response does have potential conflicts. Solving those of course also helps on the desktop.

9) What should we fear the most?
by jmv

There are many plagues that threaten the open-source community and even the software industry in general. There are software patents, DMCA and the like, frivolous lawsuits, MS bullying to name a few. In your opinion which one is the most dangerous? Also, what do you think is the best way to fight it?

Alan:

Most of them depend what country you are in. I don't see the USA or western europe as a long term software development market for example. They are too expensive and there is too much stupid (as opposed to justified) red tape and expense.

Software patents and frivolous lawsuits all sit together. When you look at the kind of rubbish the USPTO has allowed to be patented - stuff like merge sorting web logs - you being to realize the scale of the mess. Fortunately everyone is now telling the US government this, even patent attorneys. It is going to take a lot of cleaning up and will require political will alas.

Microsoft certainly are a threat. If they are given a slapped wrist then their behaviour after the lawsuit is going to make their behaviour before it look quite saintly. It won't be politicially acceptable for the US to drag them straight back into court. They know that from their last slapped wrist. The fact they have been able to avoid paying shareholders dividends has given them huge amounts of cash and power. Typically a corporation pays over 80% of its profit as shareholder dividends in the USA.

Its actually quite ironic for them to describe Linux as un-American. Work out the tax that would have arisen if they paid dividends like normal companies on their 30 billion plus cash mountain. Now convert that into extra on the ground US security service employees and ask the obvious question..

10) Do you have any other interests?
by gosand

Do you have any other interests, besides Linux? I know in order to get to the "guru" status you have to be pretty dedicated to one thing. But what else do you like? Or are you a 100% Linux-kernel-hacker? I swear I saw you the other day riding a Harley. ;-)

Alan:

I don't think you can obtain guru status without having other interests. If you never look out of your own windows you will miss so much that has direct relevance and is usable in your own field of work.

The things I actually do tend to vary, the last couple of weeks have involved playing Illuminati and practicing my world domination skills (one win, one joint win out of two) and investigating furniture. Next week may involve repotting plants I think, and trying to work out why one of my spiderplants is dying.

I know I'm getting older too. There comes that certain point in life when you actually find things like furniture catalogues interesting. As a friend summed it up "I have found in me the urge to buy power tools".

You wouldn't find me riding a Harley however. I've never been keen on bikes. and my mother promised long ago if I ever got one she'd smash it into little pieces (a close relative ended up with a permanent limp from a bike accident). I've done enough damage falling off a real horse, I'll skip iron ones.

This discussion has been archived. No new comments can be posted.

Alan Cox talks about laws... and Linux

Comments Filter:
  • It's very hard to fight laws in foreign countries. Dmitry for example was almost certainly chosen because he was Russian. It's sadly much easier to win a case in almost any country when you use your historical enemies and prejudices to set the precedents. "Foreigner attacking US business interests" just sounds so much better in court than "clever kid helping his grandma read ebooks", especially when someone notices you can easily get a longer sentence for helping grandma read than kicking her down the stairs.


    Dmitry was not in hot water just for "helping grandma to read", he made it possible for millions of copywritten works which make up for some people's livleyhoods, to be exploited without proper compensation by 10's of millions of people. If he wanted to help grandma read, he would bring some books from the local library and get grandma some warm tea and a bright light.

    I am sure that there were certain portions of the way he was procecuted that were not fair, but this sort of gross exageration does not fool anyone and really does more harm than good.
    • I think the interesting part of the original quote was;
      "especially when someone notices you can easily get a longer sentence for helping grandma read than kicking her down the stairs"
      That's the point I find amazing. Someone defeating the copy protection mechanisms would most likely get into more trouble than someone causing bodily harm. Come on, we know how this stuff works, I don't think it IS an exaggeration.
    • Actually, there have only been a few dozen "trial" e-books and Dmitry didn't hurt their sales. At all. That is, they didn't sell. At all.
      • Actually, there have only been a few dozen "trial" e-books and Dmitry didn't hurt their sales. At all. That is, they didn't sell. At all.

        Right, but he did sell his software which cracked the ebooks. That's where he really got into trouble. It's not like he was giving away free ebook cracking software and they decided to come after him, even though reg codes and key generators exist for nearly everything. No, he was directly trying to make some money from cracking their protection scheme and that's a huge part of where his trouble began. If you're going to warez stuff, at least have some morals.
      • Well, there's a hell of a lot more than a couple dozen. I own about 45 from one publisher alone, and that's less than 1/4 of that publisher's catalogue. Of course, Dmitri's work wouldn't affect this publisher, because they don't use any encryption.

        There are two companies making money in the E-Book business, Baen Books, and Fictionwise. Both sell E-Books cheap, and avoid encryption if at all possible (Some Fictionwise stuff is encrypted, no Baen stuff is encrypted.)

        So go check out the Free Library at www.baen.com
        for free E-Books from popular SF and Fantasy Authors.

        The Crazy Finn
    • Dmitry... made it possible for millions of copywritten works which make up for some people's livleyhoods, to be exploited without proper compensation by 10's of millions of people.
      Clearly, no one person made this possible - but if you want to finger somebody, you should either be looking for the morons at Adobe who used ROT13 encryption (which even I can break) or for those guys at Intel and IBM who put the requisite power on the desktop.

      Blaming Dmitry is pure scapegoating - he had remarkably little to do with the extremely few illegal actions that have been committed with his code.

      This further quote from your post is apropos:

      ...this sort of gross exageration does not fool anyone and really does more harm than good.

    • If he wanted to help grandma read, he would bring some books from the local library and get grandma some warm tea and a bright light.

      My wife is blind. Completely and totally. Tell me how a bright light helps her read the ebook I just bought for her. Go ahead bright boy, tell me.

    • by Dr. Awktagon ( 233360 ) on Monday May 20, 2002 @12:41PM (#3551979) Homepage

      If he wanted to help grandma read, he would bring some books from the local library and get grandma some warm tea and a bright light.

      Dear billstr78:

      My name is Jim Shyster, and I represent Global Tetrahedron Publishing, the largest book publisher in the world. It has come to our attention that you are distributing instructions describing how to circumvent the patented access control device which protects our valuable printed content.

      Our patented access control system, which is sold under various names, including Darkness(tm), NoLight(R), and Hey-I-Can't-See(tm), is an effective system for protecting copyrighted works from unauthorized duplication and use. Over 10,000 man-hours have gone into developing this popular system, which is licensed to thousands of usersworldwide.

      Your description clearly outlines a method for circumventing this system, by use of a "bright light", in violation of US copyright law, specifically Code Title 17, Ch. 12, Sec. 1201. The reading license in our books states that only our NightVision(R) Glasses can be used to read these books in an otherwise darkened room, which are available from our distributors for $199.99. A reader may also purchase a Perpetual Sunshine License ($1,999) which grants members of a household the right to read outdoors, under solar illumination, at any time. These are the only authorized uses of our products.

      You might also note the section of the license that forbids license holders from using public libraries or any other system of "free" or "unauthorized" reading, lending, or copying; in order to prevent book piracy.

      We trust that you will remove the infringing material within 7 days.

      Most Very Truly Yours,

      Jim Shyster, ESQ

      Dewie, Cheatham, and Howe LLP

  • White goods (Score:3, Funny)

    by matthew.thompson ( 44814 ) <matt.actuality@co@uk> on Monday May 20, 2002 @10:27AM (#3550870) Journal
    I know I'm getting older too. There comes that certain point in life when you actually find things like furniture catalogues interesting. As a friend summed it up "I have found in me the urge to buy power tools".
    I can fully sympathise with this one - I have this urge to buy all sorts of household electronic and electric devices. Sorta drummed it home when I spent £450 (That's GBP incase the symbol doesn't display) on a Washer Dryer.

    Of course my idea is that eventually it all talks to each other and tells me what it all needs and prints me out a list for when I drive down the road to the nearest Wal Mart (O.K. Asda).

  • by Pave Low ( 566880 ) on Monday May 20, 2002 @10:30AM (#3550887) Journal
    Where is this notion that Microsoft "avoids" paying dividends come from? They have no obligation whatsoever to pay out dividends if management decides not to. You can't avoid doing something where you might otherwise have to.

    Shareholders know they don't pay dividends, they invest full well knowing that. They bet that by reinvesting that money back into the company, the shareholder value will increase. That in of itself is better than a dividend.

    • by sphealey ( 2855 ) on Monday May 20, 2002 @10:49AM (#3551056)
      Where is this notion that Microsoft "avoids" paying dividends come from? They have no obligation whatsoever to pay out dividends if management decides not to.
      Up to a point. However, if the company stops growing, and continues to retain cash in excess of its reasonable operating requirements, there comes a point where the management can be accused of failing in their fiduciary duty to maximize total return to the stockholders.

      What is that point? Hard to say since it varies from industry to industry, from board of directors to board of directors, and from presidential administration to presidential administration. However, in the auto industry the tipping point has usually been around $5 billion (USD, US billion) on annual sales of $50B. Past that point shareholders, the SEC, and the Justice Dept. start getting restive.

      sPh

    • by Alan Cox ( 27532 ) on Monday May 20, 2002 @10:50AM (#3551060) Homepage
      Title 26, Chapter 1 subchapter - G

      IRS pub 542

      IRS ruling 75-305

      There is no direct obligation to pay dividends but a company choosing to retain the cash as and above its needs (clearly the case IMHO) is required to pay tax on it

      • Apparently your opinion ignores the market, proper application of your refrences and reality.

        Plenty of other firms have been doing this for years, legally, especially firms in wildly cyclitical industries, like Microsoft. Any Finance 201 student, instructor or Professor can and will tell you that.

        Plenty of other real issues with that company, but this failure to pay dividends nonsense is not one of them.
        • Plenty of other firms have been doing this for years, legally, especially firms in wildly cyclitical industries, like Microsoft.
          Agreed - up to a point, it is legal. However, any student of the auto industry will tell you that when cash reserves become excessive, both Kirk Kekorian and the Justice Dept. come knocking, and the reserves either get used for some constructive purpose or paid out. Particularly in an anti-trust situation having a $40B overhang of cash is generally not going to be in accordance with the corporate charter.

          sPh

          • I understand all you are saying as true, however I *think* Toys R Us sucessfully did this for quite some time, at least in the 90's when I got my Finance Degree.

            As far as the other example of anti-trust nonsense from the auto industry: the Big Three kept AMC afloat for quite some time just so there would be enough "players" in their industry to keep the anti-trust facists (yes, facist is the right word for when government makes industry a tool of the welfare state) away.
          • Don't forget, the taxes were already paid on these funds when earned. Mr. Cox, and many others like him, just want taxation to be a revolving door for corporations.
            • "Don't forget, the taxes were already paid on these funds when earned"

              Negative. Microsoft hasn't paid any taxes in years.

              • I believe what you are referring to is state corporate taxes, which Microsoft is apparently exempt from. I'm rather certain that there are federal taxes which are being paid, plus taxes in other states.
    • They bet that by reinvesting that money back into the company, the shareholder value will increase. That in of itself is better than a dividend.

      And they are fools to do that. A stock is worthless if it never really represented anything of worth. Suppose MS decides to never, ever, pay dividends. Well, then what did that stock really mean anyway? Not much of anything.

      Basically, unless MS eventually either buys back stock, or pays dividends, all everyone was really doing was gambling, there was no real equity involved. It's zero-sum.
  • by dejectuk ( 534810 ) on Monday May 20, 2002 @10:30AM (#3550892) Homepage
    > investigating furniture.

    Thats a busman's holiday if there ever was one! In the UK, the only acceptable place to buy furniture is Ikea (or so I've been told) and they run redshat:-

    * alan walks into ikea.
    [alan] "ooh a vt420"
    [alan] "ooh a redhat box"
    * alan admires his work smugly.
    * alan leaves ikea with cheap flat pack furniture that will break during assembly.
    • IKEA furtniture is attractive, in a simple-meets-modern kind of way, but from what I've seen and bought, it's totally retrograde in quality.

      I had a table that I used as a computer table until the top became so warped (it looked wavy) the mouse wouldn't track anymore. I cut the top open when I trashed it and it was two pieces of particleboard supported by *cardboard* between the pine trim surrounding the table.

      The last time I was in an Ikea (Tustin/Irvine) I checked all the furniture and it was for shit; almost exlusively bad composite materials that would disintegrate if they ever got even damp.

      If Ikea is the only acceptable place to buy furniture in the UK, the UK really is a fallen empire...
  • by Software ( 179033 ) on Monday May 20, 2002 @10:31AM (#3550901) Journal
    Maybe someone can find a way to use the US flag to defeat a copy protection system
    That's an awfully good idea. Maybe use DeCSS, but modify the key so that it has to be combined with a JPEG of the US flag in order to work. I'd like to do this myself, but sadly I lack the ability to do so and the desire to risk jail time. Pretty sad.
    • ...but, there is no special protection/rules for the US flag in the USA. There was an *attempt* to make it illegal to burn (or otherwise malign) the flag, but it was not successful. You are legally entitled to step on, spit on, or do other indignities to the US flag!

      So, I'm kinda confused as to the point of this whole line of thought.
      • If the US flag itself could be used as a device to circumvent an access control then it would technically become illegal.

        Personally, I suspect you'd have more luck with an ASCII Constitution but that's the principle. Can't see it happening (it's too artificial and would get laughed out of court) but it would be entertaining...
      • i'm working on this as we speak.. =)

        basically you feed it a .jpeg of a flag, at any size, it will work.. =)

        of course I'm going to post this anonymously once the code is done, but i think it would be great

        the problem is that the flag of the US will not be viewed as a copy-protection circumvention device.. the code that reads the flag and cracks the code will be associated with it..

        the reason being is also the reason why the DMCA shouldn't have ever been enacted. circumvention code by itself cannot crack copy-protection schemes, it takes a computer to run it on.. so the computer WITH the code together should be the item that is illegal, not just one part of it.

        just like rocks are not illegal, but rocks enroute to target + person who throws them + target that will be damaged by rock makes the rock an illegal tool. it is because the rock was used in the commission of a crime.. the same way that guns are legal, but using them to hold up a bank is not.

        -fc
  • The things I actually do tend to vary, the last couple of weeks have involved playing Illuminati and practicing my world domination skills (one win, one joint win out of two)

    I almost wonder if his is a space alien (like something out of Men in Black). I wonder which one he would be.

    In any case, it sounds like he has been putting his courses in improvisational science and cultural reconfiguration to good use.

  • LSB (Score:3, Insightful)

    by IamTheRealMike ( 537420 ) on Monday May 20, 2002 @10:32AM (#3550911)
    The desktop is much more challenging, but I don't actually see it as a "problem" if it becomes mainstream. It will certainly add pressure to improve standardisation work in the LSB for the user interface libraries.

    That's a nice thought, but as there currently aren't that many distros that even manage to comply with the current LSB, how likely is it that UI libs will be standardised? I don't think it's possible to introduce standards into Linux now, it's too late for that. We just have to make do with whatever standards were set by the UNIX heritage, or by market forces.

    I'm still trying to figure out if that's a good thing or not.

  • by MountainLogic ( 92466 ) on Monday May 20, 2002 @10:34AM (#3550922) Homepage
    Alan makes a very important point:

    I'd like to see the SSSCA stuff solved by market forces and sanity too. Let the Hollywood folks make themselves an antitamper PCI or USB2 hardware card that has only encrypted data in, a smartcard slot for per user rights management and an SVGA analogue overlay/analogue out. If the market is right they can sell/give away such hardware and make a profit on the films. No software system will survive a cracker long, and indeed things like vmware already make a mockery of software only stuff like windows digital media protection since people can record the audio output of the virtual pc trivially.

    The real problem is that Hollywood wants their cake and to eat it too. They want to use commodity PC hardware (DVDs). They should kill the DVD, create a propritary platform (players only) and NEVER aloow it to run on a PC. Geez, I publish something in a public format I then I'm surprised the public can share it? Get real.

    This whole screw-up is Hollywoods fault. Don't let them stick it to us for their mistakes.

  • by Xpilot ( 117961 ) on Monday May 20, 2002 @10:35AM (#3550936) Homepage
    Hmm... what is it with beards and UNIX gurus and Jedi. When Obi was an apprentice, he was clean shaven (and his master Qui-Gon had a beard). Now that he's the master, he's all fuzzy. Maybe it's a UNIX thing too :)

  • by MajorBurrito ( 443772 ) on Monday May 20, 2002 @10:42AM (#3550999)
    Every time I read an interview like this, it strikes me how odd my own life is - I'm at least as concerned about the Microsoft trial and the latest versions of software as I am about my relationship w/ my wife. It's a kind of techno-myopia - you get so immersed in it all that priorities become skewed. And I think I'm safe in saying that I share this w/ a large portion of the Slashdot community. Every time I have this insight (about once a month or so), I go get out my guitar and start practicing for a few days, and I think about my life and what's important, and I always resolve to spend less time worrying about the things that don't really matter - like whether an Athlon or Pentium preforms a particular test better. But then I go back to work, and I start worrying about the same old crap again.

    I sometimes wonder if the Slashdot community's collective myopia and whether it will lead to the community's downfall - worrying about trivia while the rest just gets ignored. Is the latest version of Linux really more important than getting out and taking a walking holding hands with someoue you love?
    • If I had mod points, I'd mod the parent up.

      But the fact is that a large part of Slashdotters are either college kids or uber-geeks that quite honestly, have nothing better to do. I think that you're view is pretty typical... once you grow up and get a "life", then this stuff gets put in perspective for most people. This is pretty irrelevant in th e grand scheme of things. Shit, it's just software. Who, outside of this little community actually cares? I mean, shit, we're not talking about saving the planet from terrorism here. It's just software. The world will go on just fine regardless of who "wins" assuming that one "side" will actuall "win". Life goes on.
      • by wfrp01 ( 82831 )
        Shit, it's just software

        Yes and no. There's the code you use, and there are the laws that govern how we can use it. In the larger scheme of things, whether you use Jack or Jill's text-mogrifier code probably doesn't matter a whole lot. But the politics surrounding code use does matter. A lot.

        No? Think about what it would mean if general purpose computing were outlawed, for example. Impossible, you say? If you think that goes to far, well maybe we can scale back and just criminalize the production and use of free software. The only people that would affect are a few wing-nut hippie communists anyway.

        The issues are very real. Jail is very real. Ask Dmitry.

    • When I'm at a restaurant, the conversation (with the waiter/waitress) is about the food.

      If I've just gone to the movies, the conversation is usually about the movie.

      If I'm at work, conversation is about work.

      When I'm on Slashdot, conversation is about Linux.

      What makes you think this behavior indicates "myopia"?

  • by Amazing Quantum Man ( 458715 ) on Monday May 20, 2002 @10:42AM (#3551000) Homepage
    Yeah, it may be OT and it may be flamebait, but Alan mentioned this one...

    After V7, more and more got thrown into the kernel. V7 was the last "minimalist" kernel, where small was beautiful.
  • In fairness... (Score:4, Insightful)

    by Otter ( 3800 ) on Monday May 20, 2002 @10:44AM (#3551010) Journal
    Most organised grassroots constituency. Nowhere near. It's an elitist rather unrepesentative bunch of lazy people. They have far too small an overlap with the masses or with the political powers.

    In fairness, the guy was talking about organization for software production and distribution. His point was that the political side was weak and asking about how to change that.

    He's still wrong, and I agree with Alan that this isn't someone familiar with organized religion.

    An additional point is that, as much as Eric Raymond, Richard Stallman and Slashdot editors would like to believe that involvement with free software necessarily involves certain political views, that's not the case. You're not going be able to mobilize all Linux users, or Linux developers, for denouncing gun control, eliminating copyright or guaranteeing children the right to view porn in public libraries for the simple reason that most of those users and developers don't believe in those things.

    • Reread the last paragraph of Alan's first response. It's exactly how you mobilize a constituency. You make a reasonable claim that appeals to them and use their loyalty to that cause to support your other causes. Do you really think most union workers or minority voters actually care about the environmentalist or pro-choice or some other liberal political agenda? Of course not, but that's the vast majority of their constiency, who because of loyalty earned for some other cause, support the party unilaterally.

      It's called compromise. It happens in politics all the time. Only the politicians aren't the ones doing it, its their supporters, who will compromise on one or more issues to in order to obtain representation for themselves. And that's what Alan was afraid of. People with reasonable goals giving their allegiance to those who may support their aims, but also have other agendas, including racism.
  • by Rogerborg ( 306625 ) on Monday May 20, 2002 @10:44AM (#3551013) Homepage

    While I'm fascinated to hear Alan's views on life, the universe and everything, I can't help but notice that a minimal boot of my 2.4.18 kernel with nothing running but a serial console, bash and free, is leaking memory, a few K every couple of seconds.

    Still, I expect that's due to racist European politicians or the EU-DMCA. Those Belgian bastards are stealing my memory!

    • Eh. Are you actually losing memory, or is it just filling the buffer cache up with random logs and such? No reason not to - if you need it, it's already in RAM, and if not, it's easy enough to toss...

      I get complaints about this weekly on our Solaris boxen.

  • When all you have is an encrypted SSL session how are you going to figure out if its a legitimate bit of ebusiness with a related company or someone in your company uploading your entire company customer database?

    I dunno if I can agree here.
    What exactly would be the difference between running ipsec over a firewall?
    All the firewall admin will know is that there is data going over the ipsec interface.
    That's just as much as when there is encrypted .net going over it (whatever .net is?).
    • It's the outgoing that's the problem, not incoming.

      If I want to prevent outgoing ftp from my system, I block port 21. I block port 25 from all IP addresses but my email server, and I no longer have to worry about unauthorized email servers, or MicroSoft viruses emailing directly out to the internet. MicroSoft finds it difficult to work with ports, and wants to get rid of them. Remember the story about MicroSoft calling HTTP the cockroach of the internet [com.com]?!?

      HTTP and port 80 are fine, unless you want to use it as an RPC mechanism. And with MicroSoft's track record for security, I really do not want them replacing my security mechanisms.
  • Alan Cox clearly doesn't understand copyright -- what is that baloney about it being invented by oppressive regimes for censor? Copyright was something an author sold a publisher, and didn't exist in any form, really, until it got put in the American constitiution. The problem then was the publishers were ripping off the writers, and it was made to protect a writer's (and the publishers he contracted with) rights. The pirates, from the start, were publishers.

    He's right about the political machinations though. When the only alternatives are some fruitcake space cadet with a bunch of platitudes or a racists with a promise to make the trains run, people are going to say, hell with it -- if we can't have a decent government, at least we can have reliable transportation.
    • by mpe ( 36238 ) on Monday May 20, 2002 @11:00AM (#3551130)
      Alan Cox clearly doesn't understand copyright -- what is that baloney about it being invented by oppressive regimes for censor?

      Sounds like Alan knows perfectly well what he is talking about. History didn't start at the same time as the USA.

      Copyright was something an author sold a publisher, and didn't exist in any form, really, until it got put in the American constitiution.

      The US Consitution borrows ideas from all over the place. The IP section is taken from a 1710 piece of legislation, "The Queen Anne Copyright Statue".

      The problem then was the publishers were ripping off the writers, and it was made to protect a writer's (and the publishers he contracted with) rights.

      Until 1710 the concept of "authors rights" was not recognised. The situation of authors ending up having to assign copyright to publishers most certainly does cover the current situation, nearly 300 years later.

      He's right about the political machinations though. When the only alternatives are some fruitcake space cadet with a bunch of platitudes or a racists with a promise to make the trains run, people are going to say, hell with it -- if we can't have a decent government, at least we can have reliable transportation.

      One important think to consider is that there is a lot of diversity in European politics. I'd expect people in the US to have been suprised at the number of political parties competing in the recent French, Dutch and Irish elections. Assuming these were covered at all...
    • by greenrd ( 47933 ) on Monday May 20, 2002 @11:29AM (#3551347) Homepage
      Alan Cox clearly doesn't understand copyright -- what is that baloney about it being invented by oppressive regimes for censor?

      No, he's right. You just aren't aware of the history of copyright.

      Copyright was something an author sold a publisher, and didn't exist in any form, really, until it got put in the American constitiution.

      That's breathtakingly wrong. Americans invented copyright? I love this "oh no-one had ever heard of X until Americans invented it" view you USians have.

      • That's breathtakingly wrong. Americans invented copyright? I love this "oh no-one had ever heard of X until Americans invented it" view you USians have.

        Whoa, slow down there, tiger. Yeah, the poster wasn't thinking too clearly -- no question. Just don't lump me in with him (or her). I don't eat pork rinds, watch wrestling, talk REALLY LOUDLY in English when I'm in France, or think Walt Disney invented the Notre Dame or hunchbacks.

        Your broad brush has splattered paint on my shoes.
    • Hmm.. besides being wrong, another interesting point about the American copyright system is:

      Before the 19th century, America was popularly considered a Pirates paradise for copyright infringement by Europeans.

      Another interesting item: You'll find that numerous books published before 1930 in the USA contain no copyright at all.

      Pan
    • Copyright was something an author sold a publisher, and didn't exist in any form, really, until it got put in the American constitiution.

      Why are Americans so embarassingly ignorant of history? Are schools in the United States really that bad?

      Unsurprisingly, copyright in the United Kingdom [intellectu...rty.gov.uk] dates back to before the revolting colonies threw their tea out of the pram. And Alan is absolutely right that - in England, anyway - it was based on the 1662 Licensing Act, whose aim was primarily censorship [xrefer.com].

      I'm not claiming the United Kingdom had the first copyright laws; I think at least the French and the Dutch had them before we did. But we had them before the United States even existed.

  • .NET and Firewalls (Score:4, Insightful)

    by SteveX ( 5640 ) on Monday May 20, 2002 @10:54AM (#3551093) Homepage
    I don't understand his argument here:

    When all you have is an encrypted SSL session how are you going to figure out if its a legitimate bit of ebusiness with a related company or someone in your company uploading your entire company customer database?

    This is supposedly referring to the dangers of .NET - but if you allow an encrypted SSL session to send data outside your company, you don't need .NET or any other particular technology to upload sensitive company data.

    The right way to do it would probably be to require SOAP connections to be done unencrypted on the inside, encrypted at the firewall and communicated externally that way.. Then the firewall gets the ability to examine the data before encrypting it and sending it out (or not).

    HTTP supports posting data and files through encrypted sessions - you don't need anything more than a copy of Netscape to send a sensitive document out in a way the firewall can't prevent (assuming you allow any outgoing SSL connections.. and most companies do).

    SOAP doesn't require that it be done over port 80 HTTP; that's one of the implementations but not the only one, and if you don't like it, don't use it. It's really easy to move it to another port, for example, or use a different transport completely like SMTP [pocketsoap.com], straight TCP, or even Jabber.

    - Steve

    • by wurp ( 51446 ) on Monday May 20, 2002 @12:18PM (#3551786) Homepage
      If you allow ANY data to go out over the firewall, then someone can transmit any data to which they have access. Any bit that you don't know exactly why they sent it (whitespace in html, noise in a picture, word order in a written document, etc) is a bit which could transmit private data.

      If you give someone access to data, stopping them from sending it out is next to impossible. You can make it harder, but that boils down to searching them when they come in & leave and disallowing any communications for which they don't have a business reason. Even then, a determined person will still get the data out.
  • .NET is our friend (Score:3, Insightful)

    by AirLace ( 86148 ) on Monday May 20, 2002 @10:59AM (#3551126)
    I was reading along happily until I got to this part of Alan's response:

    What are your feelings on Microsoft's .NET and any initiatives to make the technology work on Linux?

    Alan:

    Microsoft has publically stated that it has patents on critical parts of .NET and will enforce them. If you think that .NET is a good idea, or cloning .NET is a good idea, remember you won't have a US market unless they find you amusing enough to allow to live on. And if you think Microsoft can be trusted on this look at their recent activities against Samba.


    This is FUD, plain and simple. The fact is, that the .NET CLR and C# specifications are right up there on the ECMA [www.ecma.ch] standards board for anyone to freely implement. Any non-standardised aspects of Free implementations of the .NET framework (for example Mono) are being develped without the use so-called 'Shared Source' code, only by observing the Microsoft environment. There are several examples of legal precendence for clean-room reverse engineering -- see here [userland.com] for a comprehensive exploration of this area of the law.


    The system itself is mildly interesting as a technology. Its yet another virtual machine, roughly equivalent to picojava in capabilities. It has an interesting way to self generate IDL, but one which their own papers say cannot represent all programming languages.


    Once again, the technology takes ideas from Perl (foreach, anyone?), Java (VM, OO style) Visual Basic (properties done right this time). Best of all, it's designed to be able to integrate with existing code -- existing Gnome/KDE/console programs will be able to call a simple C library to invoke functions from a cross-platform .NET object file. I think this is far more complicit with UNIX's component-based design than Java's 'rewrite everything in Java' mantra.

    And of course it "cannot represent all programming languages." You of all people should know that Alan -- this is by design, not a flaw of the architecture. There's always a balance to be made between running code natively and running it on a Virtual Machine. What I can say is that .NET comes a damn sight closer to the goal of language unification than Java (or any other cross-platform executable platform) ever did, and I bet you know that full well. So I don't understand why you're making these empty arguments.


    The more dangerous parts of
    all this are not so much .NET but chunks of the model that not only the .NET product and the Java standards rely on. Things like xmlrpc, soap and the stuff on top of them are designed to "interwork through firewalls". A better phrase would be "go through the firewall like a knife through butter in a way that prevents the companies involved monitoring the activity".

    When all you have is an encrypted SSL session how are you going to figure out if its a legitimate bit of ebusiness with a related company or someone in your company uploading your entire company customer database?


    And this is a bad thing? Point-to-point crypto, as you point out so aptly, is something that allows the decentralisation of control. Sure, this may be a bad thing for packet-Nazis ("legitimate bit of ebusiness with a related company" as you say), but the fact is that the world is begging for a secure point-to-pont encryption technology that's both relatively secure and simple to set up (I am a GPG junkie but that doesn't mean I expect the rest of my family to be).


    Alan's ideas are usually good and I've been involved with the formation of the AFFS in the UK as well as having donated to the EFF in the US several times, but he will not make any friends by insulting some of the smartest developers on the Linux desktop today. Like it or not, .NET is becoming a force to be reckoned with on Linux.


    The Mono .NET framework implementation is more complete than many people realise, and in terms of efficiency, design, feature-completeness, and best of all, freedom, it beats the non-free Java implementations hands-down.


    Debian users will be able to apt-get install a JIT virtual machine that can play cross-platform applets in their browsers for the first time ever without resorting to propriterary software, and as far as I'm concerned, that's the most important thing we can ask for from a desktop OS -- a good, modern infrastructure for the development of desktop and server applications.


    Any legal objections are simply false. Eben Moglen [columbia.edu], rofessor of Law he will then once again have my full support.

    • Last paragraph should read:



      Any legal objections are simply false. Eben Moglen [columbia.edu], professor of Law and Legal History, and the Free Software foundation's top lawyer, has already given the go-ahead [ximian.com] for the Mono [go-mono.com] , therefore I can only explain Alan's anti-.NET arguments to be either misinformed, or written to misinform. I hope he will redirect his efforts to more worthy issues [slashdot.org] in the future; he will then once again have my full support.

      • Eben says "the patent issue is unaffected by" - referring to the rotor source code license. Read - you didn't have any rights before, you don't have any now.

        ECMA is not an immediate magical patent waiver system.
        • You think the .NET standard is legally less safe to implement than, say Sun's proprietary Java (you didn't sound so ambivolous towards Java). Or do you think we should be coding desktop applications in C and Perl?


          The very idea of a standard that is not freely implementable is to be laughed at. If you don't want it to be implemented, you don't call it a standard -- you call it Intellectual Property or a trade secret. Microsoft has positioned the .NET as a cross-platform runtime environment and the Mono people are realising that vision.


          I'm not one of those so-called "pragmatists" who argue for Free Software whilst using Microsoft Outlook and Word, but I do recognise a good, free technology when I see one. And this time, it's from Microsoft. Otherwise, how would you explain the existance of Linux, a clone of UNIX, or the IBM PC itself, with which you're so familiar? Again and again, we've seen examples of people implementing standards in clean-room environments -- it's part of the software industry, and trying to gun down projects like Mono for doing the exact same thing is simply unfair.


          Idealism is something that's too often ignored these days, but your arguments against .NET represent the inverse situation; your attitude towards .NET illustrates what can go wrong when ideals are misapplied.

          • You think the .NET standard is legally less safe to implement than, say Sun's proprietary Java

            That's funny. I get my "Sun's proprietary Java" from IBM.
            Regardless of non-binding statements by non-principals, I would prefer to trust a pair of 2-ton-whatevers to keep each other honest.

            The very idea of a standard that is not freely implementable is to be laughed at.
            Well, there's the standard meter. Lot's of luck freely implementing that.

            Microsoft has positioned the .NET as a cross-platform runtime environment
            Cross-platform? Wintel-to-Wintel?
    • Once again, the technology takes ideas from Perl (foreach, anyone

      foreach is a shell construct. Perl took from the shell (I think Bourne), foreach is not Perl's idea.

      Cheers,
      Ian

    • by ClarkEvans ( 102211 ) on Monday May 20, 2002 @11:55AM (#3551573) Homepage
      This is FUD, plain and simple. The fact is, that the .NET CLR and C# specifications are right up there on the ECMA [www.ecma.ch] standards board for anyone to freely implement.

      Just beacuse it is an open spec doesn't mean that it isn't burdened with patents. About 6 months ago I was down at the PTO filing a provisional (I do this often on the stuff that I write... with no intention to follow up; it just puts my stuff in the public domain so no one can patent it) and ran into the fella from IBM. He had a huge stack of patents (about 40 or so). I asked him how often he does this... he smiled and said "about once a week". I multiplied 50*40=2000 patents? And he just grinned, proud of this legal terror they had constructed. I can't imagine that Microsoft is much different. In those few hundred (perhaps a thousand or more) software patents I bet there are several on CLR. And I bet if/when you seriously come close to threatening Microsoft, they will use them against you. So please. Calling something FUD when it isn't is just niave.
      • I'm surprised there are still people on Slashdot who haven't heard of the exception to patent law called Independent Discovery. I could go ahead and describe it here, or I could quote one of the more eminent legal resources [nolo.com] on the Web. Basically, if you didn't copy the patent directly off their patent claim sheets, then they don't have a case against you (US and UK law):




        1. Independent Discovery

        Anyone who creates the same secret information independently -- even if it is identical to your business' trade secret -- is free to use and disclose that information. In other words, creating a trade secret, by itself, does not grant you exclusive rights to use that secret.

        EXAMPLE: Dudely Company and Manly Company sell competing after-shave products. Dudely creates a database that compares different brands of after-shave advertising and resulting annual sales. Dudely uses this trade secret information to determine how to allocate its advertising budget. Manly's president independently creates a similar database and publishes it in a business book. Dudely will be unable to protect its formula under existing NDAs because its database is no longer a trade secret.

        To preserve a possible claim of independent discovery, many companies will not look at materials furnished by an outsider who wants to sell something to the company. By refusing to consider unsolicited materials, the company has a better argument for its independent creation of similar products. One method of proving independent creation is to use clean room techniques (see "Clean Rooms" below)

        • No, You're Wrong! (Score:4, Informative)

          by Royster ( 16042 ) on Monday May 20, 2002 @12:27PM (#3551858) Homepage
          I'm surprised there are still people on Slashdot who haven't heard of the exception to patent law called Independent Discovery. I could go ahead and describe it here, or I could quote one of the more eminent legal resources [nolo.com] on the Web. Basically, if you didn't copy the patent directly off their patent claim sheets, then they don't have a case against you (US and UK law):

          Independant discovery only works in a trade secret environment. Independant discovery is not a defense against patent infringement. The book you link to and the stuff you quote is all about trade secrtes, not patents.
        • I'm surprised there are still people on Slashdot who haven't heard of the exception to patent law called Independent Discovery. I could go ahead and describe it here, or I could quote one of the more eminent legal resources [nolo.com] on the Web. Basically, if you didn't copy the patent directly off their patent claim sheets, then they don't have a case against you (US and UK law):

          No, you're wrong. The link you gave is about trade secrets, not patents. Independent discovery does not mean you are safe from patent infringement.
    • patents? (Score:3, Insightful)

      by Ender Ryan ( 79406 )
      You didn't address Alan's claim about the patents Microsoft holds on the "technology" that .NET is based on.

      If what Alan said about the patents they hold is true, then nothing you said is very relevent.

    • Clean-room reverse-engineering is not possible against a patent, because everyone is presumed to have read patents. That's why the word is derived from the Latin for "well-known" or "open". The point is that you tell the world how something works in exchange for a temporary monopoly on implementing it.

      .NET doesn't actually do any better than Java at being cross-language; as far as I know, no language (other than C#) has been fully implemented with .NET. You could, of course, restrict yourself to using the parts of your favorite language which are supported by the .NET implementation, but then you might as well use C#. .NET isn't cross-language; it is merely cross-syntax. On the other hand, Java (bytecode) isn't any more cross-language. But it's not supposed to be. A far better cross-platform, cross-language VM is actually x86 machine language, which is available on several platforms as a VM (including a cross-processor linux implementation), as well as several direct implementations and microcode implementations, and which permits effective implementation of essentially all programming languages.

  • > Next week may involve repotting plants I think, and trying to work out why one of my spiderplants is dying.

    I wonder if he has any ulterior motives for having spider plants ...
    :)

    (RMS allegedly has a phobia of spider plants
    http://www.geocities.com/stallmanus/ )

  • Nvidia vs ATI (Score:3, Interesting)

    by joneshenry ( 9497 ) on Monday May 20, 2002 @11:23AM (#3551309)
    Alan Cox admits he just can't make an economic argument to Nvidia why they should open source their drivers. He tries to save the situation by doing some hand-waving about patents and IP but eventually has to acknowledge that open-sourcing the drivers would help Nvidia's competitors.

    Let's be blunt, if Nvidia were to open source their drivers even Alan Cox is admitting that say ATI could act as a parasite on Nvidia's IP. And that would simply be wrong. Nvidia has invested in a unified driver model where Linux support is almost on par with Windows support whereas ATI has chosen to not invest in skilled driver writers. It is incredible that card generation after card generation the universal complaint about ATI is always about the drivers, the company is based in Canada where presumably with any sort of effort they could hire extraordinary programmers to write these drivers, yet ATI management chooses this area to skimp on spending money.

    Why should a company that is too cheap to hire sufficiently skilled programmers be given a free ride on Nvidia's investments?
  • by RalphTWaP ( 447267 ) on Monday May 20, 2002 @11:38AM (#3551419)
    Well.... Damn, it's about time I heard this viewpoint.

    Let's just say, that as a somewhat interested code-monkey, I've been wondering off and on now about a bit of what the following answer touches on

    Blockquoth the poster (evermore till the /BLOCKQUOTE, with emphasis added):


    3) Microsoft .NET and Linux
    by SL33Z3

    What are your feelings on Microsoft's .NET and any initiatives to make the technology work on Linux?

    Alan:

    Microsoft has publically stated that it has patents on critical parts of .NET and will enforce them. If you think that .NET is a good idea, or cloning .NET is a good idea, remember you won't have a US market unless they find you amusing enough to allow to live on. And if you think Microsoft can be trusted on this look at their recent activities against Samba.

    The system itself is mildly interesting as a technology. Its yet another virtual machine, roughly equivalent to picojava in capabilities. It has an interesting way to self generate IDL, but one which their own papers say cannot represent all programming languages.

    The more dangerous parts of all this are not so much .NET but chunks of the model that not only the .NET product and the Java standards rely on. Things like xmlrpc, soap and the stuff on top of them are designed to "interwork through firewalls". A better phrase would be "go through the firewall like a knife through butter in a way that prevents the companies involved monitoring the activity".

    When all you have is an encrypted SSL session how are you going to figure out if its a legitimate bit of ebusiness with a related company or someone in your company uploading your entire company customer database?


    So, I'm mostly curious. Is the whole XMLRPC, SOAP, Web-Based Client, Firewall circle self driving? Network administrators started putting up firewalls so that undesireable traffic would go no further. Then the *.net busted onto the scene and port 80 sort of popped right open pretty much everywhere. Now we write complicated schemes (and schemas) and wrap all our data into a session-oriented layer on top of a connectionless protocol, and shuttle it out (often, as noted in the quote, with great encryption) across the ubiquitously open ports.

    To what end? We've essentially arrived at a multipurpose protocol layered atop a single purposed sub-section of a multipurposed protocol, the firewall vendors make the bank, the network admins get a bit more automated every day, and all that's old is new again.

    Wierd.

    You people kill me laughing

  • .Net (Score:4, Interesting)

    by hackus ( 159037 ) on Monday May 20, 2002 @11:39AM (#3551434) Homepage
    The idea of creating and using a independant language based development facility to create software has no basis in reality.

    I for one don't care about language independance as there is no use for a application written in X different languages. US Military tried that two decades ago and said enough is enough, and created ADA to solve that problem.

    It would seem Microsoft hasn't kept up to date on the historic research in antiquidated software development practices.

    Not surprising, it hasn't kep up to date with MODERN practices either!!

    .Net was created with one thing and one thing in mind only, to destroy Java and to sell more software, not because it solves a pressing problem in the market place. (Beyond people flocking to Java to solve the decade old problem of keep software alive and well between hardware upgrades.)

    .Net was not created because it offers something of value to the market place.

    .Net was not created because it solves a technology problem in our industry like Java. (i.e. Truly portable code over target machine hardware)

    .Net in short is a solution looking for a problem.

    It offfers NO advantage over its target market it wants to kill, (i.e. Java developers) and actually restricts your organization by not allowing your software to run anywhere but on Microsoft's own limited vision of what computing power is, (i.e. PC hardware).

    Like so many other times I have commented on .Net, it is a ludicrously expensive software API to develop on, and offers no real value in developing internet based applications as a result.

    -Hack
  • It's interesting how most of the questions have a self-serving angle, as if the asker is just trying to get Mr. Cox to agree with him. And moreso, those questions were exactly what you'd expect from zealots without much real-life experience. Someone actually thought that "open source" was the worlds largest grassroots organization? And I love the guy who sees PC has being "open." Open in what sense? Do you have the VHDL for your Athlon or GeForce 2? Is being able to swap one overpriced video card with a bad driver for another really all that empowering?

    Kudos to Alan for some level-headed responses, given the loons who asked questions.
  • by Ogerman ( 136333 ) on Monday May 20, 2002 @12:39PM (#3551956)
    I'd like to see the SSSCA stuff solved by market forces and sanity too. Let the Hollywood folks make themselves an antitamper PCI or USB2 hardware card that has only encrypted data in, a smartcard slot for per user rights management and an SVGA analogue overlay/analogue out. If the market is right they can sell/give away such hardware and make a profit on the films.

    I can't believe I'm reading this bullcrap coming from AC himself. If I pay for digital content, I have every right to expect to have open access to the original digital stream for whatever the heck my Fair Use desires may be. (Hey, maybe I have a digital projector and want to run the signal through a de-interlacer, sharpen filter, or perhaps scale the output to a different resolution for doing multi-channel viewing). And it is NOT hollywood's right to dictate via DRM, hard-coded or otherwise, what I may do with the content I've legally gained access to, whether cable subscription or open air broadcast. So if I want to take the HDTV stream from my favorite TV show, edit out the commercials, scale it down to 160x120, encode it to DivX and play it on my iPaQ, I should have every right to do so. Same goes for any type of audio-only format. The beauty of open technology is flexibility. I can be creative with it and bend it to suit my needs.

    What Cox is suggesting would be better than SSSCA-like government mandated PC hardware / software copy controls, but it is by no means good for the consumer and it is still by any means, an anti-innovative technology. Oh yeah.. and it wouldn't prevent 'piracy' either.
    • by Xylantiel ( 177496 ) on Monday May 20, 2002 @01:01PM (#3552119)
      His point is that the DRM people should stick to technology and leave the laws alone. He believes that without the laws to back them up, the market will do away with them for exactly the reasons you give.

      Copyright is a negotiated agreement for material that is publically disseminated (the author gets a limited monopoly in exchange for not keeping his work under lock and key). Movie companies don't like this agreement, so they want to change the laws to extend their theatre into your home. i.e. they want to be able to publically distrubte material and keep it under lock and key also! Alan's point is to leave copyright alone and they should use their own hardware and possibly contractual measures to 'reach into the home'. Then just let the market do it's job and determine if this is a viable business model.

  • by Rob Kaper ( 5960 ) on Monday May 20, 2002 @12:56PM (#3552073) Homepage
    The UK encrypted to air TV people went spectacularly bankrupt but thats market forces at work.

    Same in the Netherlands. They wanted to hide our premier football league (American? read: soccer) behind a subscription model. Noone used it, the "Sport 7" channel went bankrupt and football is right back on public TV.

    Turns out you can't cheat the public from what they think should be available. Piracy wasn't an issue here (weekly matches are much permanent than movies and audio, which you tend to *keep*). Only bad thing: many of the smaller teams now have huge debts because they made huge investments based on a multi-year sponsor contract of Sport 7.

    Let's hope the general audience will also be smart enough to ignore any devices and software overly protected just for the sake of getting more money. Educating them indeed seems the proper way to fight.
  • European DMCA (Score:3, Informative)

    by NearlyHeadless ( 110901 ) on Monday May 20, 2002 @01:03PM (#3552140)
    While Alan Cox is all up in arms about the DMCA and the EUCD, it should be noted that Britain has banned copyright circumvention devices and publishing instructions on how to build circumvention devices since 1988, long before the U.S.


    See Section 296 of the Copyright, Design and Patents Act 1988 (c. 48) [hmso.gov.uk]

  • by Hieronymus Howard ( 215725 ) on Monday May 20, 2002 @01:10PM (#3552216)
    I'm sick of deleting bug reports from people with the Nvidia kernel modules. I've talked to Nvidia folks about why they do it. The bottom line is that I can't make a good case for them to open source it. Their worries about what it might do to their performance relative to competitors are quite well founded.

    Could you explain this further? The source code for the Nvidia kernel drivers is available (though copyrighted, not GPL) and appears to be well commented. What exactly do they fear from GPL'ing it? That it may degrade in performance? Obviously not that their competitors will be able to see it, as they can already.

    Ian (from Cropredy, ukpml & Sydney linux.conf.au)
    • by akmed ( 33761 ) on Monday May 20, 2002 @01:36PM (#3552440) Homepage
      The kernel drivers are open source, yes. But all they are is an interface between the kernel and the closed source unified binary driver that actually controls the hardware. And many people, myself included, have had trouble with it. But some seem to think that AC's the one to send reports to when they should go to Nvidia. Oh well

      -Mike
  • by mttlg ( 174815 ) on Monday May 20, 2002 @01:43PM (#3552490) Homepage Journal
    Knowing the EUCD will trip up its much easier to ensure that there is a nail bed where it will land and you know when to stick your foot out as it streamrollers past, than it is to attempt to hit it head on.

    At least he didn't start going on about Darmok at Tanagra...

  • The more dangerous parts of all this are not so much .NET but chunks of the model that not only the .NET product and the Java standards rely on. Things like xmlrpc, soap and the stuff on top of them are designed to "interwork through firewalls". A better phrase would be "go through the firewall like a knife through butter in a way that prevents the companies involved monitoring the activity".
    When all you have is an encrypted SSL session how are you going to figure out if its a legitimate bit of ebusiness with a related company or someone in your company uploading your entire company customer database?


    This is a part form the answer to the qestion:
    3) Microsoft .NET and Linux by SL33Z3
    What are your feelings on Microsoft's .NET and any initiatives to make the technology work on Linux?


    Hu hom ... I simply do not get that freaking panic about SOAP and firewalls.

    If I run a corporate network and I have a server inside of my network, which exposes its functionality via SOAP, my firewall does not NEED to filter it. Well, sure, I'm paranoid, so I filter the adresses so that outside requests only go to the HTML web server or to the SOAP server.
    What the heck should be the security issue with SOAP via HTTP if *I* run a soap service. I can configure everything to make it bullet proof.

    So other scenario:
    Someone outside of my network is running a SOAP service. Clients inside of my network like to access it. My firewall should "be involved".
    So again, what is the freaking security problem?
    A guy inside of my network likes to upload the client data base to an outside destination?
    So, first thing: I only alow SOAP requests to known SOAP servers where my business processes rely on.
    Second, "of course" I need a inspecting fire wall. I only allow requests which fit my restrictions of service endpoint and called method.

    Third, if you in fact use SOAP you install a forwarding SOAP server inside of your network. That one is configured to accept all requests which are ment to reach a known outside destination. All requests are prechecked if needed or simply forwarded if the destination is accepted or dropped if the destination is not accepted.

    The firewall is configured to accept and pass through HTTP requests with content type text/xml or text/soap only from that server.

    So what is the problem?

    The remaining problem is one can write a custom application using SOAP via SSL to bypass the internal server. The firewall can not check the content because of SSL? I think the firewall still can recognize the content type, only the body of teh request is encrypted, right?

    So, you think that is a SOAP problem? Isn't that a generic problem of firewalls?

    I can write a custom application, a ten liner in Java or likely a one liner shell script with CURL, just using plain HTTP for a plain .html request for a plain web site posting what I like to that side.

    What does the firewall do in that case? The same like in case of SOAP. Either it is statefull and well configured or not. And for inside out attacks firewalls are hard to make water proof I would say.

    Bottom line: I see no SOAP inherent problem regarding firewalls. But thats only because the guys who are much smarter in that respect fail to make clear WHY there is indeed a problem.

    I would love to see some good points showing why SOAP messes everything up(security wise). I only found statement snd no backing, even from Bruce Schneier.

    angel'o'sphere

Space is to place as eternity is to time. -- Joseph Joubert

Working...