# Posts by eulampios

1165 posts • joined 10 Aug 2011

### Shellshock: 'Larger scale attack' on its way, warn securo-bods

#### Do not exaggerate

>>when you have a "hole" in servers and routers and embedded systems, it's a lot more serious than a windows trojan.

It's true, but only provided those routers and embedded systems do have it. Most probably they don't. Even if they do, they have to allow the shell to take input from the outside world to be vulnerable. As for the the servers and other systems, the only rightful real problem is the dhclient-script and a slim chance that neighbor's/random wfif router you happen to connect is waiting there for you.

Any shell language used for cgi really deserves all the current consequences. Those who survive this, will be taught a good lesson .. one hopes.

Now let's compare it with Windows worms, like Conficker, Loveletter?

And BTW, here's even my LMDE system ( which is usually a bit slower than the others) received the latest update now

### Hackers thrash Bash Shellshock bug: World races to cover hole

#### the scary sshd part

Stating that this bug affects Openssh-server (even with ForceCommand details ) and not explaining how is a little disingenuous.

So, ForceCommand variable is used in sshd_config to restrict execution of a specific command for a user, already having the shell access to the machine and allowed to ssh to it. Not a very pleasant surprise for admins to learn how this bug overrides their restriction when it is in place, however it won't be as devastating to sshd and the system in overwhelming majority of the cases as the tone implies.

### Bash bug: Shellshocked yet? You will be ... when this goes WORM

>>This is NOT a problem with the exposure method, be it CGI or whatever. It's a problem with Bash not properly parsing vars.

We must be reading different articles. What you're talking about is the original article about the GNU Bash bug. This one about the inexorable, inevitable doomsday awaiting the humanity due to the affect on cgi. This is a vulnerability affecting all those abusing shell in places it didn't belong even without a single vulnerability as well as might cause some local problems and break local scripts.

>>..as good as Job's "you're holding it wrong" stunt...

It would be my job to correct you your apostrophe as well as observe that you either reading my comment from the right to the left or looking at the wrong article.

>>And your comment only proves that Open Source has long moved from a "philosophy" to a religion, shock full of dogmas and unwilling/unable to face...

Can't talk on behalf of the whole FOSS or OSS. Common sense is my religion, calling spade a spade, or overly-sensational journalism overly-sensational is one of my dogmas, when I am not too lazy.

>>Grow up, a turd is a turd, and if you call it an OpenTurd it still won't smell like roses :)

Not sure about your age, yet judging from "Grow up" there is a high chance I had grown up long before you were born.

Okay, I see someone's already downvoting it. Since it's not being explained, I get it's one of the alarmists out there, either an ignorant or an anti-open source, anti-Linux shill.

It's pretty bad and embarrassing that the popular Shell is capable of this unintended stuff. However, if you're writing a script you would be able to do all the "scary" things the proper way already. As far as things CGI, every shell is not the safest language by its nature and should not be used for this risky business. It's a SHLELL of the system, not a webserver "shell". The article reiterates this known for ages postulate. Shell doesn't have the power nor the convenience of the more capable languages like perl, php, python etc.

Moreover, taking input from a stranger is dangerous already and asks for trouble. Proper tools and checks are to be in place to minimize the likelihood of this. Single quotes in Perl is one solution, not a panacea though, if an input is still blindly passed to operators, say, you can get ddos'ed by feeding it too big of a number or too long of a string, than you intended those to be, if the latter is not being properly checked.

So again, a shell should not have been used in cgi, other potential explorations, like embedded devices, are pretty questionable, as many commenters have said above. Busybox is what is used there for default shell. I got Tomato usb Netgear router here and installed bash on it, the version of which is vulnerable. However, one can talk to it via ssh and web interface within the local network only. The latter is protected by password, the former -- by ssh key. cgi doesn't use bash, the admin panel of the web interface does take the system commands there, which was intended to be so already.

### Mathematica hits the Web

#### Re: Sage

Python is cool, however the many ad-hoc CAS languages are not bad.yet quite simple, it was a piece of cake to learn Pari-gp for me, for example. The names of the programming operators most probably will be the same anyways. Pari-gp for that matter also exists as a C library and is "ported" to many languages, including Python, Perl, Java etc ( I use Math::Pari module myself) . There is also the GSL libraries for the most popular languages as well... (Yes, I know that the word "libraries" is redundant there)

#### @AC

>>..just bemoaning the fact that open source has not delivered much in the way of 'Mathematics for the masses' and the potential of access to many mathematical tools...

You don't seem to be familiar with the subject then. Don't bemoan this, please. There are more than a few of free CAS out there. Some of them are not as generalist systems as Mathematica, but sure excel it in their "little" areas, like GAP in general group theory, Pari-gp in algebraic number theory or R in statistics. All of those are GPL, btw. There is also Maxima, Octave, Axiom, Ycas and more. I particularly like the quite capable and nice Emacs Calc. Sometimes the good ol' small RPN'ish dc can be just enough..

BTW, many of the free CAS are ported to Android already and work pretty damn well there. Pari-gp and even lisp-based Maxima are on Google play. The latter can do everything on the phone what it does on a PC box., (a bit) slower though, I suppose.

### Italy's High Court orders HP to refund punter for putting Windows on PC

Yet, sorry, the "l" in the above "below" should not have been doubled.

s/bellow/below/

#### @the beaten automobile analogy

>>I bought a car and then decided I didn't like the engine, I wouldn't expect to be able to just pull the engine out and ask for some of my money back.

Is any of the bellow true:

1) the engine cannot be re-sold without the car that it was originally installed in?

So AC, what a nice analogy ... or is it?

### Work in the tech industry? The Ukraine WAR is coming to YOU

#### Re: Sanctions

>>The question is - are the Western leaders so stupid as to not know and understand this or are they doing it on purpose and if the latter, what then that purpose might be?

What about the question if Putin is so stupid himself by not foreseeing all these repercussions following annexation of the territory of the neighboring sovereign state and kindling a civil war there? As well as getting immediate wins and popularity while losing big time in terms of strategic national interests and prestige?

#### Re: Morals, ethics, principles...

>>A friend in a neighbouring state was telling me last year that the protesters were paid $50 a day - dollars, not euro or roubles - to keep the protests going. Ukraine don't use Roubles, their own currency is Grivna. How sure are you about this information btw? Disclaimer: being both part Russian and Ukrainian myself and a Russian patriot, I take this matter pretty close. Whether this is true or not about$50/day, it's not a good reason to annex territories from your neighbor, the state with ethnic, religious, genetic and cultural ties to your own being the closest. Calling a 40 million state fascists, nazis while spreading anti-Ukrainian and anti-Semitic, Anti-West propaganda at the same time is no good means for it either. Subsiding the very dire internal problems inside Russia, finding America and the West to be the gist of any issue, that is the current state of Russian affairs. Calling anyone in the opposition a Western collaborationist, harshly castigating anyone who questions the position of the government. Spreading provocative, misleading and often plain false information to set the neighboring state on fire, supporting separatism, while forgetting that this might turn back home in the future as it had during the Chechen wars. This is a the conspicuous double standards and hypocrisy in action.

I'd call it national madness, insanity. This is almost all thanks to the propaganda and people's gullibility. If that would not be a personal matter, no loss of human life and no damage to the Russian prestige , I'd applaud the ingenuity of this PR campaign.

The damage inflicted to the Russian interest and trust is tremendous as result of this PR without any immediate rectification in sight.

### Boffins attempt to prove the UNIVERSE IS JUST A HOLOGRAM

#### Re: Interesting times

>>You can prove a theory to be true by showing that it being false would lead to a contradiction.

Technically true (called either of the following ex adverso, reductio ad absurdum, by contradiction), however, might be quite problematic to build a whole theory with this method. It is certainly easier to prove a single theorem (statement) out of many the given theory consists of. In proving every theorem you of course can try arguing one at a time by contradiction. It concerns Physics, Math and other sciences.

It usually works best/easiest when alternatives to a statement are few (like finite/infinite, unique/non-unique, rational/irrational). Say, the proof of the Fundamental Theorem of Arithmetic stating that prime numbers are infinitely many, a well-known proof, ascribed to Euclid comes to mind as one beautiful example. Or in proving that sqrt(2), sqrt(n) are irrational, with n being a not perfect square integer. Similarly many existence and uniqueness theorems are proven by contradiction for uniqueness, but not existence.

#### counterexamples and experiments

>>But you also can't prove a negative, so where does that leave us?

What? It usually takes an experiment or counterexample, since a theory (a theorem) involves a certain scope of generalities.

### Sin COS to tan Windows? Chinese operating system to debut in autumn – report

#### Re: CAD/CAM for for Linux&*BSD

Did you use any of the linked ones? No need to use CAD for myself, however, from what I know about CAS software as well as how much complaining that "no good CAS for Linux is available" is heard, it might just be the matter of habit, or the matter of learning new stuff. We also heard about no alternatives to Outlook and MUA which is just plain ridiculous or disingenuous.

On the side note, it's always more convenient and useful to deal with free software on free system, where it's just one click or one apt-cache/apt-get commands before you can try that out.

As for LaTeX (at least, no lesser popular than CAD) Windows had always been more trouble and pain to install, set up and use on, than Linux, *BSD or even Mac OSX.

And it doesn't even include all those viruses/trojans, anti-viruses and disk overfill/fragmentation problems.

#### A trig calc pun

a similar, yet a more Calculus oriented joke and English pun goes like this:

What's the limit of of the function sin(x)/n, as n tends to infinity for a fixed real value of x?

(in LaTeX would read $$\lim\limits_{n\rightarrow \infty} \frac{\sin x}{n} ?$$)

A pun solution to this is 6.

(Cancel out all n's both in the numerator and denominator. Makes more sense than the Squeeze Theorem for a lot of students, even those with very little sense of humor)

>>As an example what professional solutions do you see for CAD/CAM applications ie AutoDesk, Rhino3D, Solidworks

FreeCAD, QCAD, LibreCAD, OpenSCAD, Salome and more for CAD, for CAM there is HeeksCNC and Inkscape (pyCAM plugin) for CAM. That's not the complete list, only those that are free (open source).

However, this is still some special software most people don't use.

### Munich considers dumping Linux for ... GULP ... Windows!

#### Re: @h4rmony and your comparison rules

>>I've used Mutt. I think I can get my head around the addition of a side-bar to it.

Yes, sure you used everything, mutt, elm alpine and raw mail. One indication that you if you did, you don't know much about ti was that you seem to be unaware of Mutt's real shortcomings.

>> I'm not that one that launched into a random attack on another product. I don't believe I've made one factually incorrect statement about Mutt (correct me if I'm wrong - well, you would have), whereas you have made multiple flawed attacks on Outlook. I'd suggest your lack of familiarity is the greater problem here.

I was only suggesting that Outlook is not as capable as Mutt and GNUS. And you admitted that's true, since Outlook can run on MS Windows only and not CLI-based.

Your attacks are predetermined, no randomness. It is pretty funny that your last attack was pointed at Google in that how they were so detrimental to Open Source (had done more harm to it than MS ever had, according to your own words). Picking a few apps Google made proprietary on their open Android system, you're found yourself here vigilantly protecting the proprietary sanctity of Microsoft in the article talking on how successfully Microsoft getting in twisting another pair of FOSS hands in Munich?

#### Re: @h4rmony and your comparison rules

>>Perhaps my car counts as a movie theatre because it can take me to the cinema, too? :D

Can it take you there instantaneously, by pressing "v"and "ENTER"? If so, then yes it sure does, otherwise it's a completely irrelevant analogy.

>>anyone can do it. You just click on Find and then if none of the common tools meet your needs just click on "Advanced Find" and you can add as many criteria as you wish. This includes things such as "received on or after X".

It is similar, not Not that it is the same, since if I do 22/04/1999*3011d it'd be hard to get the exact range, which is Apr 22 1999 - Fri Jul 20, 2007 (thanks to my Emacs calc), you'd need to have a date arithmetic tool or do it manually. What about the IMAP4 server-side search option though?

#### Re: @h4rmony and your comparison rules

>>Here's what you prefer because you think it's shorter and simpler:

Your code is ugly, if it is fine to you, a lot of people won't agree with it. Some people (mostly Unix/Linux admins) think that PS has an ugly syntax and I should agree with them. OO has its place, and shell might not be that.

There is this sense of elegance, no PS, at least in your example, is not elegant.

>>anyone remotely competent should be able to handle that.

So, all of that "normal use case users" are then capable of that, I doubt they would.

#### Re: @h4rmony and your comparison rules

>> I said that Google were historically weak on patents. They were. That's why they went on a massive patent purchasing spree.

So, you've been caught being inaccurate or simply lying then.

>>And interestingly, now that they have lots of patents, they have started charging other people for use of them.

How so? Or you're presuming, assuming, surmising, hypothesizing again, or is just the same as above?

#### @h4rmony and your comparison rules

>>For people not familiar with Mutt, here is the interface: screenshot. This is what you're comparing to Outlook.

For you, apparently, not familiar with the fact that, for Mutt as any highly configurable piece of software, there might be tons of interfaces possible, here more that look like mine

>>you haven't actually used the current version of Outlook in any significant way

Outlook runs only on Windows, so no chance for me, mam (which is not a shortcoming for you according to the tone of the corresponding reply). Let me also assume you haven't used latest mutt-patched as well.

>>You've now shifted your position to "Mutt plus other software used alongside it can do some of the same things as Outlook more or less".

It was your position or the way you extrapolated my position. From one of the last discussions we had, you showed a great power of surmising things (like when you were simply assuming that Google have a lesser patent gut than that of Microsoft's among many other of your surmises)

My position was that "a user can do it within mutt", are you supposed to count all the "external" shared libs too that mutt uses as a dependency? This is how the old Unix paradigm is applied to Mutt, a (text) Mail client. It doesn't prevent me or others from viewing an html body, it gives me more power and options. GNUS btw, can use amongst many others, the "internal" w3m-mode.

>>The GPG4Win Outlook plugin doesn't work for Office 2013 64-bit version yet (that's still quite new) but does for the 32-bit version and others.

Okay, so people that have 64bit Windows version are out of luck then making pretty much every modern Windows machine out? Welcome to the 21st century: unless it's an atom-based or just old hardware, it's hard to find 32bit Windows nowadays.

>>It's Windows only, as I'm sure you know. I very much doubt many Outlook users care.

According to you, they don't care about that, however they would if the the html part is rendered by an external program, like Firefox (by pressing "v" and "Enter")?

>>>4) can it be run without GUI (like in the Core Server environment)?

>>No. Who uses an email client on a headerless server environment? If you're trying to sell Mutt as more capable than Outlook (sorry - "probably" more capable) by holding up its lack of GUI as a feature you're far removed from normal use cases.

It's headless, not headerless. The latter would apply to a gobbled email message, I guess. As far as " Who uses an email client on a headerless server environment?" is concerned, I and many other people very happily do. Are you familiar with the purposes an email service has for an administrator? A malfunctioning service, an error, a warning can be communicated to the local admin via email. It's convenient to have some form of sendmail ( I use postfix), mail-utils and an email client installed on the machine. Sure one can use mail command, mutt is more comfortable, capable and familiar to me though. I bet, based on your answer there is no alternative for the Windows headless server?

>>$ol = New-Object -comObject Outlook.Application gm -InputObject$ol

$mail =$ol.Session.OpenSharedItem("C:\Test Email Subject.msg")

$mail.Forward()$Mail.Recipients.Add("someone@example.com")

$Mail.Subject = "Test Mail"$Mail.Body = " Here is some text"

$Mail.Send() This is a lot of writing and looks pretty ugly. I'd prefer a much simpler syntax like this one: echo "Hello   Here's my message.... " | mutt -F ~/.mutt/one_of_myprofyles -s "Hi from me" someone@somewhere.something -a ~/Documents/attached.pdf  >>Fine. Exchange is recommended so you can use the calendaring and other features, but here is how to set it up with IMAP... A few people in this thread were complaining about the IMAP implementation in OUtlook. this article states that Outlook 2013 has "..."IMAP improvements (although it has a lot of bugs in IMAP)" Hence was my question. As far as Exchange is concerned, it's all MS' proprietary protocol which you also have to buy as a feature if you'd like your server to have. In the 21st century proprietary, lock-in protocols should die out. >>Wildcards only in the default interface. You could, if you wished, create a short script which used regular expressions and attach it as a filter / search. Bit fiddly. As fiddly as limiting/searching for mail containing wildcard constructs like ~d 21/3/2012*3y*5m*2w*3d =f fromsomeone =b "some text in the body "   #-- show me all the emails in this mailbox dated within 3 years 5months, 2 weeks and 3 days since March 21 2012 sent from fromsomeone containing "some text" in their bodies Where "=" (versus "~") indicates to use the IMAP4 server-side method (otherwise it might be a lot of bandwidth and time spent) >>>>7) can you pipe any email message (any part from a message) onto a command from the shell or an application? >>Again, this is far, far removed from normal use case. You could do it with a script if you wished. Or, you know, hit Ctrl+C / Ctrl+V. Your definition of "normal use case" might differ from others'. Highly inconvenient and might be impossible. Say, what if I wanna pipe the whole raw text contents of the email(s), including headers? Putting it into the script instead of the visual approach just removes the necessity of the MUA then, what's the point of using it in the first place? >>Already answered the regex. Yes, you could do this but you'd have to know a small amount about using regex's in scripts. And this is within the "normal use" for you of course. "regex" with wild cards, ok, anyway to use those on Outlook 2013 and do something similar to getting all mail by this construct ~d 21/3/2012*3y*5m*2w*3d =f fromsome =b "some text in the body " bounce them at some address and move to a separate IMAP folder, or save to a local mbox? >>It is actually simpler given that it is GUI based. It's footprint is not as low but it runs fine on any modern hardware. Once you meet the condition of "running fine", you've met user needs. Besides, that's not really a "capability". More goal post shifting. I was not talking about the UI, and btw, you must have not used even the vanilla mutt client, it's very simple to use. Again, is it up to you to come up with criteria and comparison rules: what's 21 century, what is normal use case and abnormal use case, what is modern hardware and software and what is obsolete, whether being cross-platform is cool or sucks and so on? I am at least using the probably adverb. You always seem to be 100% sure about things until get pointed to contradictions as in the case of 40K vs 50K patents fact. #### On Mutt vs Outlook comparison, @h4rmony >>Ability to display formatting or embedded images are two capabilities missing from Mutt compared to Outlook that spring immediately to mind. Mutt got an ability to use external software (w3m, firefox, image viewers) of a user's choice that have this capabilities. It's been done back in the 20th century. An ability to render a raw text email without gobbling it (and without extra clicks) is also a plus, to say nothing about the security advantage a user has when viewing an html body and seeing the forged links. As far as Outlook is concerned, being in 21st there are questions to ask : 1) How many Operating Systems besides MS Windows can it run on? 2) how well does it handle IMAP? 3) can you use pgp/gpg for signatures and mail encryption? 4) can it be run without GUI (like in the Core Server environment)? 5) can you use it in a script or out of the command line? 6) does the search/filtering in Outlook support regular expression (and virtual mailboxes for that matter)? 7) can you pipe any email message (any part from a message) onto a command from the shell or an application? Can you tag any number of messages using regex option as in search/filtering and do the same, or apply mailbox operation such as moving to a different (remote) box, saving, deleting etc? 8) can you use external editor of your choice (like vim/Emacs) for message composition? 9) is it as simple, fast and with as low foot print as Mutt (around 28MB of RAM for me currently for 10K email messages on gmail IMAP)? #### Re: Thanks for that >>"and concerns the web developers, not Mozilla's fault" This attitude. This is why FOSS fails on the desktop. "FOSS fails on the desktop" in your imagination only, sir. It doesn't fail on my desktop. The problem of poorly written (client-side application) js or flash overhead applies to all web browser. It's only the FOSS browser, firefox that can elegantly and intelligently turn any misbehaving code off for you, Noscript. Noscript is also FOSS software. I am no having problems you're describing, as far as I understand, it's not a common one. You're more than welcome to file a bug. #### Re: Thanks for that >>(growing to 3Gb memory over 2-3 weeks of operation is utterly inexusable - it leaks every time a tab/window is closed/reopened) it is, however pretty strange. My Firefox is perfectly fine. Used to have a memory leak year ago, it's been fixed now. Poorly written js stuff do creep in, that is a cpu time involved and concerns the web developers, not Mozilla's fault. Thanks to Noscript that makes Firefox the best js-capable web browser on the planet. #### @sisk >>for lack of a decent email client that will run in Linux. Bollocks, do you know how to use a mail client at all? I am fine with mutt and GNUS (using IMAP and postfix as a sendmail frontend). I bet, those are much more capable than Outlook. #### advanced users >> But no Excel is unfortunately the only spreadsheet that works for an advanced user. Not advanced enough, for better computational performance it's gnumeric (with R embedded). Yet for more advanced users, it's the org-mode in Emacs (with Calc) or/and a proper CAS software. For the advanced users again, latter is easily embedded in the former. #### cats and dogs >>..Mozilla people have done to Thunderbird, but it is slow.. In what setup? Every time when I use it with IMAP (a few gmail accounts) and the local /var/mail ( with or without postfix MTA) stuff it's not slow for me (LMDE). #### tit for a tat has never truly USED Outlook. Anyone who thinks he/she USED Outlook without realizing how it sucks should USE it more or...just try mutt. ### Boffins propose security shim for Android #### Re: This already exists >>And MY point is that Google lacks the motivation to bake in security. What's Google motivation then? I don't think ANY company (even MS) lacks such a motivation. However, motivations and the end result do vary from one company to another. >>especially if saps KEEP their phones insecure sources of personal information. ??? Bottom line is to get a device you can root and run either of the following (or all): Cyanogenmod, Replicant, Ubuntu Touch, FirefoxOS, Sailfish or Tizen. This would be the best and most secure option. This completely excludes BB, Apple or Microsoft. #### Re: @Charles 9 Okay,I must have gotten it, I misinterpreted the abbrev. "BY", I thought it was BlackberrY. My apologies :) #### @AC, the generality quantifier With your assertion, you're getting into an over-generalization problem. Of course, any system has its own shortcomings, those beg to differ though. 1) having apps run under separate uid's is good, permissions will be allowed to have access to files and directories as well as services they are only allowed to! On Windows, where no secure central repositories/ports are available, not only is it NOT guaranteed, you might have to install an app or two as a root, or it won't work for you properly (occurred in the XP times to many, me included). 2) making permissions be visible to a user is good, since one can get an idea about either the intent or incompetence (or both) of the app's author and is able to make a decision of installing or not based on that information. No, antivirus software != apps permissions, since the former: i) is much more complex and error prone (both 1st and 2nd type) ii) needs system resources, at times pretty excessive resources (cpu, disk usage and RAM) iii) needs to be trusted, otherwise, checked for possible malware or backdoors by itself. #### @Charles 9 >>Actually, that was BY design. What design are you talking about exactly? For apps permissions: --- to have them separate in the first place and be able to see them, or -- being able to allow or not allow those permissions separately while still able to install an app? As I believe, the latter was available for all versions of BB greater than or equal to 5.0 (since 2009). As far as the former feature is concerned, are you sure that it was BB's design prior v 5.0 (say, v.3.6)? Since, Android was released in 2008, saying nothing about the start of the project circa 2005, when Google acquired it. #### Re: It's the humans, stupid, and boy, are they stupid >>Some of those have got to be malware, and I have no way to tell good guys from bad guys. Ever tried checking permissions? Bad or good it all comes to what they are capable of doing as well as if a developer is lazy/incompetent to require unneeded permissions. Look for the open source ones (check if it is really an open source) as well, this would be a better guarantee for it be a good one. ### The Return of BSOD: Does ANYONE trust Microsoft patches? #### @Chica and the unspecified problem Since you're not being specific on what the problem, distro and the drivers are, let me give a general piece of advice: reboot to the previous desktop you had a full working desktop with. If that's bloody nvidia --> nouveau transgression or vice versa, you might need to do something additional as to edit the /etc/modprobe or /etc/modules/ entries and blame Nvidia for all this additional trouble . #### @Mark Allen >>Drivers clearly not fully following the correct rules in the MS manuals. And how do you know that exactly, or that MS follow their own manuals in the first place? Is the source code available? As for the OS flaw, once again, I said that earlier and got downvoted without any explanation: on a GNU/Linux system an old stable kernel is never discarded so that a user could boot back to it and get a functioning system again. ### Microsoft cries UNINSTALL in the wake of Blue Screens of Death™ #### @ Vince >>Linux updates of various types don't always go smoothly either. Only that (GNU) Linux supports many times more hardware, including various CPU archs, and a few magnitudes more of software than Windows does. Plus the update mechanism is more robust as well. In case of any trouble with a new kernel, the latest stable can be used since it's almost never discarded, thanks to a better modularity. More so, you don't need to write any special powershell code to "determine if users had installed affected updates", you simply look in the /var/log directory (on Debian based systems /var/log/apt/history.log) ### Microsoft blasts sueball at Samsung over Android patent royalties #### Re: being disingenuous again? >>sn't selling to a country where Google is banned that is selling both Google Android and an incompatible version. 1) Okay, what do you mean by "Google being banned"? I know you are talking about China, I understand, the fact that China market is the hugest and Android OEMs leadership is much more pronounced than outside of China. This all ruins your theory. However, what exactly, at least formally do you object with China? Since, Samsung, Lenovo and HTC are on par with ZTE and Xiaomi, Yulong ( see here ). I know also that at least ZTE is an internationally well known company. So according to you, Google must do something about their naughty beahavior to get away from the iron grip. They are not in OHA. Why do they not apply. Explain this to me please with some links and without speculations. You want to exclude China from the list but took into consideration the Acer-Google accident, while Acer was trying to ship a phone in China. 2) Your original speculation was that Google would not allow to use "the most important " bits of Android, their proprietary apps and AppStore. While it has turned out, they on the contrary won't let you use AppStore without preinstalling most of those, thus imposing their bloody, free (as in beer) apps upon poor little OEMs. You also said it would require huge costs to redevelop them on their own, I am guessing, billions or trillions of$US. Well, I have to guess, since you just surmised out some possibly thin air.

3) BTW, you never responded to the "eunuch's chastity" counterargument (50Kvs 40K patents at some point, where Google had the greater number of them) as well, just wondering what would you say in that case?

#### Re: being disingenuous again?

>>Much of the rest of your replies seem to consist of you saying what I said, but I don't recognize your versions as my own.

Let's see: : >>And this one : "You might also note that Google will kick you out of the OHA ...and thus from selling devices with PlayStore and their services on"

This again is your own speculation entirely! There are a lot of OEMs not participating in OHA. Actually you got exactly the opposite of what it is! According to Arstechnica article "Devices may only be distributed if all Google Applications... are pre-installed on the Device."

#### being disingenuous again?

>>Quick question - when MS were trying to stop Dell selling GNU/Linux laptops did you object? I did. I bet you did too. Google are pulling the same thing with insisting you sell only their version of Android or you can't sell theirs at all.

Yes I did object to Windows Tax back then and still continue to do so! (Do you now still?, I am sure not) I also object to making completely unfair comparisons! That's what I meant when calling to question the ability to deal with inequalities, yours and the rest of Google haters, Microsoft, Apple and Oracle fans. So, lets' see, shall we?

1) Windows - a proprietary OS? -yes. Android is mostly Open Source (BSD, GPL etc).

And when you would try to bring up the proprietary Google's apps, I counter it with so many things, like MSO (of different types and juices), Exchange, VS, MS Sql server. So you better drop that! I might even drag a photoshop or something :)

2) How much is the license (the user pays at the end?): Windows -- a $variable amount depending on the MS' rocket science pricing scheme; Android -- free, moreover with the source freely available, so go ahead and grab the code. >>They use the same stick - market dominance. I'm criticising them for this. But strangely you're now determined to argue that Google is "more noble" than other companies. Why the double-standard? To me, you appear to be championing the flag, not the country. No, the standards are all yours to multiply! Proprietary -- Open Source, Free --Paid. You and the others make up stating that it is absolutely important that everything that Google ship is free (as in beer) and open source! because pure Android is a trifle, Gmail app, AppStore , voicemail, search and whatever is the real treasure! It's free as in beer, but not libre (unfortunately for me as well), yet equating these two things is utterly unfair and simply hypocritical! Now for a user that buys a Windows preinstalled machine, it's both morally and financially important to be able to get rid of Windows and get reimbursed for the Windows license. This is where all neat things start. It used to be hard but doable with Win XP, Vista and harder with W8. It now became both hard technically to install an alternative OS on a brand new machine, and merely impossible to get the money for the license back from either MS or the OEM. Not only do they make consumers eat their Windows OS, they make'em pay for it in the "bundle" with the whole machine! ================================== (had to edit the original withdrawn post due to spelling) #### Re: Let me try it agin, h4rmony >>That's very much against the spirit of Libre Software. Ironically, you're wrong, if you grab a GPL code, close it and start distributing to the masses, you're very much liable for prosecution. That is the difference from GPL vs. BSD, Apache and other free software. In your lingo, GPL locks in the free software community. Some BSD zealots might very well agree with you on that though. I also didn't find any clear information on whether Yun OS is OSS or proprietary. But this is pretty much the indication of of it's not free, when its source is not freely available. Rubin and other only concluded that it is a fork based on the fact it runs many Android apps. This article gives more details plus it mentions that Alalyun App Store got pirated apps from Google themselves and GooglePlay. Now, wait a minute, in your logic MS = Google (*), so what does Google do to "protect their intellectual property"? No, they don't sue Alibaba, they just tell one of their partners to abide by the commitment to not do exactly this. Oh, and I forgot, that Google abstain from adultery because they... are a eunuch in the patent sense. Alibaba are sure much more powerful than Google... Or are they? Now let's talk about the chastities more closely... According to this and this, in 2013 Google and Microsoft had 51,000 and 40,000 patents, respectively. This means that if Google is an abstinent eunuch, than Microsoft must be an impotent and a sexually unattractive individual. I know, that you once again have assumed it... There is a difference of 8 months between these two sources, it still puts a great deal of doubt on your theory. =================================== (*) Oops sorry, I forgot that in your theory (and a theory of many others) Microsoft != Google, but Microsoft >> Google (in the good sense). #### it's your speculation... You might also note that Google will kick you out of the OHA (and thus from selling devices with PlayStore and their services on) if you also make a non-compliant device. It is making devices with incompatible forks of Android might kick you out of OHA! And this one : "You might also note that Google will kick you out of the OHA ...and thus from selling devices with PlayStore and their services on" This again is your own speculation entirely! There are a lot of OEMs not participating in OHA. Actually you got exactly the opposite of what it is! According to Arstechnica article "Devices may only be distributed if all Google Applications... are pre-installed on the Device." It is: you can only preinstall the PlayStore if you preinstall all of our applications! So the Google's cabbala exactly precludes you from spending those tremendous amounts of money , you were deploring in all of your posts here, that a company should spend if it wants to get away from the "iron grip" of Google. Not that you provided any figures showing how much would those apps cost a company that decides to go its own independent way.... #### Re: Let me try it agin, h4rmony >>Sadly, every year projects like Replicant and Cyanogenmod become harder and harder as Google moves more and more of the userspace into Closed Source. So you really don't know what is the main difficulty for them? The real difficulty is not in the userspace, mam, it's the kernel, more precisely, it's the device drivers that are binary blobs! More so, that is why the proper GNU/Linux got so little traction there. Linaro, Debian, Mer, Sailfish OS. Some of them have to take the blobs, if they can, like Ubuntu Touch or Sailfish OS. I used a Bodhi Linux (Debian) on a very low-end no-name Allwinner Chinese tablet. It was very nice, it would have been awesome, if there were proper drivers (from Arm and Allwinner). Bodhi now don't support this soc and most arm archs, not because of Google shackles, but because of the SoC OEMs (sometimes including ARM themselves), who don't care about the free software. Being far from perfect, Google should be given their due though. Not that there are no poor decisions made by Google: going with Apache Harmony instead of IcedTea, not ensuring good code for the kernel and letting device OEMs create a big mess there. BTW, I try not to use Google's software if they are not at least mostly open source. So I have Chromium installed on some of my systems, not Chrome. I would prefer Cyanogen or Replicant, but better Ubuntu, Debian, Fedora or Arch, not the stock Android. No disrespect to Google here, "thanks" to OEMs. My next phone would probably be Nexus, since it's better supported by both Ubuntu Touch and Sailfish. A touch device should be able to run GNU/Linux too. #### Re: Let me try it agin, h4rmony >>Your analogy breaks down because I don't consider you Plato nor my teacher. That you liken yourself to either is a little presumptuous, imho. Neither do I consider you Aristotle. If you didn't get it, it was a gentle allusion to the fact that what you call "faith" in my argument , was an experience, induction, observation, extrapolation after all. In particular, that Google would continue doing in the future what they have been doing before. Instead of admitting that it makes a lot of sense, you are calling it faith-based. Sounds disingenuous to me. >>I replied with several examples of how Google uses soft controls to restrict the behaviour of Android OEMs, of previously Open Source parts of the userspace they had turned Closed Source (I gave examples), prevent companies from forking Android - a key principle of Libre Software - using market dominance (again, I gave an example), "Several" examples was only the soft keyboard. What about a pdf engine (pdfium) that they opensourced? Does this neutralize all your examples? You also mentioned that OEMs cannot set up their own stores or put their apps in the Google's store? Amazon, Samsung apps? Or 30 of these. Do they receive cease and desist letters from Google, or cannot get licensed Google apps? Acer that never forked Android, but tried to ship devices with a forked Alayun OS were warned to be out of OHA, because they were breaking the agreement they committed to when joining it! Prevent companies from using forked Android (incompatible) while staying in OHA? The Google compatibility requirement with those proprietary apps is that the Android iron grip, you and others talk about? Why is it Android ecosystem, it's the particular Google proprietary apps ecosystem. I am not happy about the fact they are proprietary, but isn't it the part of the license. Here's the list of many mobile OEMs, most of them are shipping Android phones, an most of them are not in OHA, which doesn't prevent them from getting those proprietary apps. Here's a Linux mobile journal talking about Acer, Alayun OS and Google. They state that the reason Google is pissed with Alalyun OS that it is incompatible and closesourced. >>how me the Replicant or Cyanogenmod phones in a high street store, or even significant market share of them, and I will cheerfully concede someone else has managed to break Android free of Google. Cyanogenmod is reported to be installed on 12 million devices. Both can be considered forks, but might have no problem with compatibility and are not closesourced, that's why you can use those Google's proprietary apps. I would doubt, that Replicant would use them anyways. >>by using other means to make the cost of breaking away too high for commercial entities. What are the means and what is the cost? Again do you have the figure of the cost of how much it would be? Or it's your own speculation. #### erratum I misspoke, it's not "didactic faculties" but "dialectic faculties" #### @AC >>In this entertaining thread, I failed to see any evidence of that assertion, When did you see your ophthalmologist last time? >>Microsoft is, historically, no choir boy to be sure, however you cannot just claim Google is somehow more "noble" on that basis alone, ignoring Google's clear and legally proven behaviours. Again, you guys got very hard time when dealing with inequalities. All of you most probably would flunk my College Algebra class (saying nothing about the Calculi sequence). #### Let me try it agin, h4rmony >>So you're not addressing any of my arguments, but merely making a general statement that ... I did address them, this generality was used to explain you that your assertion of my lack of logic doesn't make it true, nor does it add gravity to your argument. Anyone is entitled to his/her opinion, this opinion doesn't make it automatically a fact though. I got constantly labeled as going with my faith rather than logic. >It seems an article of faith, rather than logic, that patent usage is the deciding factor in who is the aggressor and who not. Well not exactly, It's (roughly) akin to the difference from the Plato's and Aristotle's pov on physics. The latter thought that it is more like Math, you need no to very little observation, just get your axioms prepared and theorems proven. The former though thought about importance of experiments and observations. However, in the Ancient Greek case, Aristotle never accused his equally great teacher of going with the faith too much... Again, I was answering to someone attacking Google (as you would call it if it were me bringing up Microsoft if it weren't mentioned originally). My point was that Google were not the one that is suing, it's Microsoft. I also said that based on the Google's history they never attack first and use patents as defense against somebody who's doing just that. You said it was all boloney, completely irrational and illogical, because Google would sure not hesitate to attack for patents first if had enough patents at hand, they of course don't at the moment.$4.5 bn worth of Nortel patents would absolutely sure mandate the board to start attacking them. The original $10 bn amount left over from Motorola acquisition doesn't apply here, because it's a totally different situation (you gotta take my word for this, you pretty much said). Then I am accused of putting Google too high up the moral standards. Okay, it's up to the definitions, I tried explaining it with rather a profitable for them business strategy that I see, you ignored that part though. You also provided two links of articles (you said very trustworthy) on how Samsung was corrupted and Google is evil in enslaving their partners in Android ecosystem. Again, it's you that decided it's a very trustworthy source! You mentioned how it was difficult to break the shackles of Android ecosystem due to the evident loss of most important features there. No specifics on what the features are, though! Amazon was just an exception that proves your rule, they were not attempting to go with a phone because that would require those extremely important features you mentioned earlier. You also made a claim that it was unaffordable to fork Android for a company smaller than Samsung indicating (I am guessing) that those unknown features would cost a great amount. You never tackled both Replicant and Cyanogenmod though, perhaps this would again not apply as according to you. Furthermore, I tried to communicate the idea of reciprocity of "do as you would be done by" kind'a principle. Call it morality or practicality, yet this is was exactly what Google, RedHat or even early Microsoft were doing. You cited the BT vs. Google case (filed outside of UK) to show how evil this position to use the patents of others, not paying for them, while demanding money for their own patents!?! How dare they! Reciprocity doesn't fly here, because you said so! Is this your absolutely solid logic and facts that were able to demonstrate all your points? >>isn't logical just because someone says it is. But it really is when someone is you, right? That's what I am sick and tired arguing with you that you try to be both a participant and the judge, assuming a little too much on yourself. I could just call your most of arguments rubbish and the way you argue as quite double-tongued and disingenuous. Since you're dissing my didactic faculties, I'll share with you of my opinion on yours. Funny, your way reminds me my acquaintance with his UFO sitings. He is so amazing at mixing his (or someone else's) fantasies about the Niburu, Annunaki, Dogons, dogs brought to Earth from Sirius and other bullshit with scientific facts, like stars, planetary systems, super-massive black holes, red shift, big bang, variously shaped galaxies.. he states that it was all known long before science discovered it. It had been written in Mahabharata a few millennia ago. I asked to show one tiny part of it in the book that states the Newton's Second Law.. He said that he can't , because the English translation from Sanskrit is 100% forged! Sorry, but I hear a similar tune in your way of arguing. Not sure if you both realize it, but this logic appears to be disingenuous. One major difference between your way and my friend's is that he is not teaching me on how to argue. >>I actually did was give you a clear chain of reasoning and references The sources are much more reliable than what my acquaintance have provided (not a solid authority for me though), but the fairness in the "chain of reasoning " is pretty similar. #### Re: at h4rmony H4rmony, As a response to your Chinese proverb on eunuch's chastity, here's my favorite oriental adage: "No matter how many times you say "halva" , it still doesn't sweeten your mouth". That is no matter, how many times you say that your arguments are logical and solid and mine are false and flawed... it becomes a fact. Are you making yourself believe in that? Well, extrapolating somebody's behavior out of someone else's pattern? that is the pearl of your logic? Try selling this logic to statisticians and actuarial people: "yes, male motorists under 20 tend to be n (n>1) times more reckless when driving, however, it is very logical to assume they will change that risky behavior this year, since most people don't want to die". Closer to me analogy would be, "a function f(x) is identically zero in the interval [a,b], let's assume f(c) =\= 0 for all points c not in [a,b], since most functions are not zeros on R" #### Re: at h4rmony >>You're not arguing logically. Why are you appealing to logic? If you decide what logic is, yes indeed, my logic is lame, yours - brilliant. It doesn't appeal to me though, as I said I wouldn't trust your judgement of it. When I was calling some of your statements outlandish and bizarre about Google destroying more Open source than Microsoft have ever done, I never said that you are illogical or irrational. Even after you put so many words in so many sentences trying to prove it, no, I didn't even bother answering it. I would call it a "lawyer's logic" in its rather peculiar connotation, where everything can be argued, since the client is always innocent and right. I am not a lawyer, I got a PhD in Math, that is why I reason illogically according to you. >>You keep ignoring all sorts of details As was said, I appreciate you verbosity. However, the quantity is not always necessarily turned into quality. >>That's what "defensively" has meant in Google's case - we infringe and if you ask for money we will "defensively" slap you with patents. No, it's: "if you think that your stupid patents are infringed on by us, think again, because you already infringe on ours!" Principle of reciprocity again, what is your problem with that, h4rmony? Or did you want Google pay up? Where is that imaginative angry board already? >>Though really, this entire argument is now just you trying to show Google as a noble company. My entire argument is that Google have shown they are more noble than most other IT company in the same weight class, including your beloved Microsoft. >>You skipped over this once but it still stands and is a fundamental flaw in your argument. The flaw that is only seen by you might not be a flaw after all. An acquaintance of mine told me about aliens swarming around recently... >>out of nowhere digs at Surface sales figures. I'm typing this on a Surface 2, btw. It's a really great device. It's a shame that good technology gets attacked over popularity. Since you didn't explain to me how would Google justify the difference between almost$12 and $2 billion dollars to the board, I tried to improvise and gave a few scenarios. You got insulted by that because MS Surface is a wonderful device and you're typing on it, can you scratch that off and get back with a few suggestions how to appease a would-be enraged board anyways? #### @ Philip Lewis >>The problem with "ignorant people of faith" is that they are incapable of logic and coherent fact based rational discourse. This thread is an outstanding example. Is that so obvious to you? I see, your great logic capabilities are so outstanding, mon amie, can I ask what is the logic in "10 to 0" score, why is it not "100 to 0" ? Just being curious. In my incoherent logic and such poor command of predicates, it was so pretty clear that one Microsoft advocate and another Apple fan, Samsung, ergo Google, Android antagonist would find each other in this tight h4rmonic unity. In this particular case, I wouldn't bring the question of logic up at all , if a were you, PL. In that the theory of predicates logic becomes truly a jugglery art, you might very well get: "if A implies B and B implies C, A may not imply C at all", since it depends on whether h4rmony deems it applicable/reasonable or not: "Google never attacked anyone for patents first before, but they will very likely will", since h4rmony reasoned it, "Google ended up paying about$10bn for Motorola patents without board chastising the execs for not suing anyone for patents, however have they bought \$4.5 bn Nortel patents, it would have certainly happened".

Brilliant, consistent and complete logic, indeed!