* Posts by Vic

5921 posts • joined 7 Dec 2007

Police to get greater web censorship powers

Vic

Re: alt TLD?

> Do you mean, say, an alt TLD? For example: www.theregister.co.uk.alt

Possibly. That's one way of doing it.

Alternatively, if we're just looking at dealing with Nominet, we use an unused .uk zone. So, for example, I could set myself up as the registrar for all .dark.uk domains. I could maintain a simple zone file that delegates to other nameservers[1]. To join this darknet, you either put my IP address in as one of your DNS servers, or use somebody else who does.

Users who are slightly sharper than the average bear can set their resolvers up to query me only for .dark.uk domains. This reduces the load on everyone, but is an optimisation, not a requirement.

Vic.

[1] except for the domain "vic.dark.uk", which would be mine, natch

Vic

One zonefile to rule them all...

> the police think that the normal course of law does not apply to them?

If we're being rigidly fair about this, this controversy is not the fault of the Police - not entirely, at any rate.

From the article:

"Police will effectively get more powers to censor websites under proposals being developed by Nominet"

Note that, assuming the article is accurate, this is all Nominet's proposal, not the Police's demand.

Granted, Nominet have faced "lobbying by the Serious and Organised Crime Agency". That might have amounted to "would you like to do as you're told, or would you rather come and have a look at how steep the steps are in our nick?"

Vic.

Vic

Not even that.

> All it would require for a Darknet to become an Internet

> is a peering agreement and someone to dish out IP addresses

> and domain names.

All it would require is a single[1] DNS server that enough people were prepared to consider authoritative...

The Internet sees censorship as a fault, and routes around it. DNS is no exception.

Vic.

[1] Granted, it would be shit with just one server - but others could join very easily.

Sex abuse fax leak costs council £100k

Vic

It wasn't hypothetical, you see...

> I can think of circumstances in which it might work.

It does work. I've done exactly this on numerous occasions.

> The majority of messages are going to contain sensitive data

If that really is the case, then it is entirely inappropriate to have the ability to export data directly to a general-purpose email system. What is *required* is a management application to control such export - so you might have a handful of addresses qualified to accept any data, but for the most part, each record in the DB is associated with zero or more addresses to whom that data may be sent. Modifications to those qualified addresses is checked (by double-entry, supervisor sign-off, etc.), and attempts to circumvent the system are classified as gross misconduct.

It's not the cheapest setup imaginable - you're adding quite significantly to the database load - but it is foolproof: it can only fail when at least two people are grossly negligent, or someone of sufficient authority deliberately commits a data breach that he knows will get him fired.

We have some fairly strict Data Protection laws in this country. If they were actually enforced occasionally, fewer people would claim things were "impossible" or "too expensive". We have data breaches because the penalty for failing to put in place preventative measures is way, way too low. I'm not convinced that fining public bodies changes that in any way.

Vic.

Vic

Not necessarily true

> Using email on the other hand (even to the right individual) traverses

> any path through the internet to reach it's destination.

That depends on the mailserver configuration.

It is a *trivial* matter to configure a server to send all mail for a particular domain via a certain route - even if the MX record of the recipient says otherwise.

You can also require the MTAs at each end to require TLS of each other - and even require key-based authentication.

In short, email *can* be perfectly secure - and it's not at all hard to make it so. But that requires some joined-up thinking in the IT policy, so it's never going to find its way into local government.

Vic.

Vic

Preventing errors

> But how can a mistake like this ... be prevented?

Sensitive data should go by a different route that other data - a dedicated email system or fax machine.

And you lock down the number of possible recipients very carefully.

It won't entirely prevent sensitive data being sent to the wrong person - but at least you know that it will go to someone with whom you already have a reasonable trust relationship.

Sending sensitive data through the "normal" fax machine => instant dismissal.

Vic.

Brits blow millions on over-priced ink

Vic

Cheap cartridges

> I've used cheaper non-branded ink in the past in my Canon printer

I always use el-cheapo ink on my Epson printers (I paid £10 for 12 cartridges last time I bought some). As long as you understand that some cheap cartridges just aren't worth having, it all seems fine so far...

>... however both times I tried I ended up with a clogged prnt head

The only time I've ever clogged a print head was when I didn't use the printer for an extended period of time - and it had genuine Epson cartridges in at the time.

Vic.

Shuttleworth's Ubuntu makes like Space Shuttle

Vic

Really?

> Please... Ubuntu has probably drawn more people to open source

> than any other open source project.

gcc? Apache?

Vic.

Novell keeps Unix copyrights from Microsoft

Vic

Re: Unix

> Can't all the open sourcers chip in and buy them from Novell?

What for?

> Mark Shuttleworth would be better chipping in some cash instead of buying a luxury flat.

Mark Shuttleworth has nothing to do with this - saving that he's rich, and could probably afford the deal if he were motivated to do so.

But there's no business advantage for him.

> If Unix copyrights ended up in the hands of a patent troll then there

> would be a lot of trouble for Linux, Solaris and OSX.

No, there wouldn't.

Many years ago, a copyright troll named SCO tried to make trouble using this method. The first hurdle they had to overcome - and failed to do so - was to demonstrate that they owned the copyrights to Unix at all.

In many ways, it is a shame that this case went first, because it leads to so many hand-wringing posts on Internet fora about how dreadful it's going to be when someone richer than SCO owns some of the Unix copyrights.

The next case that SCO needs to deal with - which is currently stayed pending the outcome of the SCO vs. Novell case - is about whether or not there is any AT&T-derived[1] Unix code in Linux anyway. Discovery in that case was long, tortuous, and expensive. SCO found *fuck all*. IBM have a lot of counterclaims that will devastate anything that makes it out of the Novell case.

There is no more mileage to be had from trolling these ancient Unix copyrights around. The FUD worked for some time - but now pretty much everyone knows how baseless were SCO's claims. There is no AT&T Unix in Linux.

What we should be worrying about is the 882 patents that were sold to CPTN - but even those are probably harmless. The implicit patent grant in GPLv2 is probably sufficient, should those patents read on anything in Linux, and estoppel should prevent MS from actually asserting them against Linux users. There is still some uncertainty there - but it is likely that the patent transfer has more to do with settling the WordPerfect suit than anything else.

Vic.

[1] There is a fair bit of BSD-derived Unix in Linux, but that is not covered by these copyrights[2], and is properly licenced anyway.

[2] AT&T's slack approach to copyright notices is one of the reasons why so much of Unix is no longer protectable by copyright anyway.

Jumpin' Meerkats! Ubuntu moving to daily downloads?

Vic

Not with you at all...

> Just what any normal user wants, a prompt every morning for updates.

There's no problem with that.

Users rarely care whether or not there are updates - what they care about is whether or not those updates will interrupt their use of the machine.

Updates on a Windows box are always intrusive - often requiring multiple reboots. Updates on a Linux box are not - you usually just hit the button and get back to whatever it is you were up to. It really isn't a big deal.

> I don't want a box continually updating itself like this.

I do. If there are bugs to be fixed, I want them fixed as soon as possible.

> Batch it to a month or 3 months, but not daily.

No, I completely disagree with you there.

If something is broken, I don't want to wait a month to get the fix that someone has already published elsewhere - even if the bug is not security-related. It's pointless putting in arbitrary delays to improvements just to avoid an upgrade procedure that is completely painless anyway,

My laptop is updated pretty much every day - sometimes more than once per day. I barely notice. I haven't rebooted it in weeks. Updates just aren't a problem.

> People have other things to be doing than staring at an Update

> window each morning when they turn their machine on.

Sure - so we don't stare at update windows.

I get an icon appear in one of my panels if there are updates available. I click it, have a quick look at the updates to make sure I want them (I always have done, so far), then click "Install Updates" and get back to what I was doing.

> They simply want to type a letter, surf a web page, read emails.

As do I.

> Not wait until the updates have been downloaded and installed.

But with Linux, you don't do that. An update doesn't mean the machine is unusable for hours at a time - it's predominantly a background process that just gets on with it whilst you go about your business.

> This is techie masturbation at it's worse.

No, this is non-users not understanding just how much simpler it is to upgrade a Linux box compared to a Windows one.

Vic.

Vic

Upgradin

> Are there really people out there that have time in their lives to upgrade an OS every day?

Yes. I generally spend less than a minute making sure it's not going to upgrade something I don't want it to, then I pish the "Install Updates" button. Some time later, it is done.

Once a month or so, I reboot the laptop[1] to bring in a new kernel or suchlike.

Vic.

[1] I run Fedora on this laptop. It likes to upgrade stuff regularly...

Vic

Of course.

> Live updates of kernels anyone, it must be possible?

It is. Search for "ksplice".

It's been a while since I tried it, so my knowledge is somewhat out of date, but I got it to work. I also decided I'd need a damn good reason to want to try it again.

If your uptime guarantee doesn't allow enough time for a reboot, you're probably not using enough hardware...

Vic.

Attachmate gobbles up Novell for $2.2bn

Vic

Xenix

> They spun off that operation and it turned into something called the Santa Cruz Operation.

Not quite.

MS licenced Unix from AT&T. They got SCO to create Xenix from this code.

SCO later acquired Xenix from MS, and renamed it SCO Unix (later SCO OpenServer).

All this happened when SCO was a real software company, producing decent products.

Vic.

Vic

@Peter...

Of course MS wants to kill other OSes. But that doesn't mean they can.

> If they can go in to any procurement with organisations by starting with "Of course,

> you know that we MAY still sue users of Linux for use of OUR copyrighted material"

If they try that, they will be ignored, for the most part.

The arguments have been thrashed out. World+Dog now knows that any necessary Unix copyrights - and there are almost certainly none, as we'll see in SCO vs. IBM - have been licenced under the GPL. Such a threat will only be useful when dealing with the terminally incompetent - and such PHBs rarely need such threats to be swayed anyway.

But such behaviour could also land MS in very hot water: knowingly making false claims is a tort, and would land MS with a very hefty bill in the courts. There is no way, post SCO vs. Novell, that MS could claim to believe that owning any Unix copyrights could affect Linux. Threats like this would be corporate suicide.

> I don't see this as being illegal under current unfair trading practices legislation

It is most certainly illegal under US legislation. That would do...

> Do you think that you would pay, say, £100 a year per PC just for the right to use it?

No, I won't. And, because of the Freedoms granted me by the myriad FLOSS developers, I don't need to.

You are imagining difficulties where there are none. If you want to get excited, worry about US patent law, and how it affects software - that's a threat for all software writers, both Free and proprietary. But Unix copyrights - they just don't matter to Linux. There is no AT&T Unix in Linux, and it would be legitimately licenced if there were.

Vic.

Vic

Forgot the footnote...

> Aside from this not necessarily being a particularly good idea[1]

[1] One of the major elements of an Enterprise distribution is stability: you test your installation at rollout, and you know that there aren't going to be any significant changes throughout the lifetime of the distro. Apps that worked properly initially will continue to work all the way through. By making such a step-change in the kernel, this proposition is no longer known; Oracle runs the risk of breaking lots of stuff for its users.

Vic.

Vic

Really?

> Oracle is forking Linux with their own non-compatible version.

Errr - you sure about that?

Last time I looked, they were basically just rebuilding RedHat Enterprise.

They did announce they were going to use a different kernel - but that's basically just the upstream latest kernel. Aside from this not necessarily being a particularly good idea[1], they're also obliged to release the source to whatever they ship (it's GPL), so anyone that wants to do the same can do so.

> Expect Linux to be the same as Unix with multiple slightly non-compatible versions.

From a kernel perspective, the only difference will be in terms of which kernel each distro chooses to use. That's no biggie.

The difference is predominantly in the userland stuff - and that's just down to where the maintainers =make the trade-off between conservative stability and bleeding-edge risk.

> So much for standards....the $$ always wins.

Not so.

Vic.

Vic

Re: Wouldn't work

> I just don't see the facts getting in the way of the PR.

That boat's already sailed.

SCO made a huge noise about how Linux infringed on everything. The world and his dog heard the story - and now the world and his dog know it's untrue.

Attempting to do the same thing again just isn't going to work. That FUD has dispersed...

Vic.

Vic

Current state of play

> What's the currently claim anyways?

SCO are currently reduced to the Gollum defence in their appeal pleading to the 10th Circuit Court of Appeals :-

"But we *wants* it, my precioussss"

Vic.

Vic

@Peter...

> if MS can kill alternative operating systems

You haven't mentioned how they would achieve that.

Vic.

Vic

+1

> I hope MS does get the Unix rights.

As do I, actually.

They can't harm any of the incumbent Unix operators - IBM, Oracle and HP have all got paid-up, permanent licences, so they can carry on knocking out their own flavours of Unix.

Linux, BSD, etc. can carry on doing what they are doing - MS can't affect that, as it doesn't hold copyrights to any code there that isn't properly licenced.

Microsoft, on the other hand, could chop out the core of Windows, and replace it with a proper Unix. They could leave the Windows skin over the top, port their Windows API layers to Unix, and serve up a robust POSIX core with pretty pictures over the top.

That would benefit all of us - Microsoft probably the most, as it could make Windows into something really quite special, but the rest of us would gain from MS becoming more standards-compliant, and if nothing else, a better Windows would mean fewer botnets and less spam.

I'm definitely hoping that MS are getting ownership of Unix.

Vic.

Vic

Wouldn't work.

> In that case they could sell^Wgive them to SCO and turn up the FUD machine to 11

Too late.

Even if SCO acquired all Unix copyrights now, it would do them no good at all. They didn't own the copyrights when they allege that part of Unix was put into Linux. Novell did, and Novell have licenced any such code under the GPL. So even if SCO got the code now, they can't remove the licence for any of it that might be in Linux (and nor have they demonstrated that any such code exists).

Being given the Unix code now would actually be disastrous for SCO - there's nothing left there now but the litigation, and the litigation hinges on an appeal against a judge and jury telling them they never owned the copyrights. To accept them from a benefactor like MS would be an admission that they did not own them - and that would destroy any faint hope they might have of getting this appeal.

Vic.

Vic

It really isn't a problem.

> This could be verrrrrry bad news for the Open Source movement,

Not at all.

Suppose Microsoft *do* get Unix. What would that matter to FLOSS people?

To re-run the SCO shake-down, you need to prove two things :-

- that there is AT&T-copyrighted Unix code in Linux

- that it was put there improperly

Despite years of shouting its FUD from the rooftops, SCO singularly failed to prove the former - they found a load of BSD-copyrighted stuff, but a quick glance at the BSD licence shows that that is perfectly acceptable.

The latter is an even higher hurdle; if Novell owned the copyrights (as two judges and a jury have declared they do), then if any such code is eventually found, it is now perfectly permissible, because the copyright owner has deliberately released it under the GPL. Any new owner may not revoke that licence.

And remember - *both* of the above need to be proven for a SCOSource Mk. 2. Some infringing material would need to be found, and it would have to be put into Linux without the copyright owner's consent. If either of these fail, the whole scam fails.

The only way this could be a problem is if the new owners of Novell declare that Novell perjured itself in the SCO vs. Novell trial, and it was actually SCO that owned the copyrights all along. Besides the array of lawsuits such behaviour would bring into existence, it would also likely mean real jail time for a number of individuals, and disbarment for certain lawyers. I can't see that happening, myself.

Vic.

A Linux server OS that's had 11 years to improve

Vic

Someone doesn't understand RHEL kernels...

Complaining about the kernel being version 2.6.9 does show something of a lack of knowledge.

RedHat pick a kernel shape when the distribution launches. For RHEL4 (which is what this distro is based on), that was a 2.6.9 kernel. It will be a 2.6.9 kernel when RHEL4 is finally retired.

This does not mean that it is out of date; updates to the kernel are back-ported into the 2.6.9 base. That is why the version number is complicated - the current RHEL4 kernel is not simply 2.6.9, it is 2.6.9-89.31.1, and dates from mid-October.

The reason for this is to provide a stable platform - the kernel will behave in largely the same way on the day you retire the box as it did on the day you installed it. There will be bugfixes and improvements along the way, but the platform stays very much the same shape, so applications don't suddenly get broken on kernel updates.

Vic.

Linux servers for Windows folk: go on, give it a bash

Vic

apt vs. yum

> but the guff about APT versus YUM becomes even more heated!

Only amongst those ignorant of one or both of the above.

apt and yum provide almost identical functionality. Anyone claiming vast superiority for either clearly does not know how to drive the other. That doesn't make him a good source for information...

The one that *really* annoys me is apt vs. rpm - they're different applications. They're not aimed at the same task, so they perform differently. It's like comparing a Ferrari Dino to petrol - the comparison is nonsensical.

Vic.

Vic

Security.

> And if such a system can be built, why not build it?

We're talking about a gateway machine here. If you follow the (flawed) advice in the article, this is the piece of kit taking a heavy daily assault from ne'er-do-wells on the Intertubes.

If this is set up by someone who doesn't want to understand what he's doing, what chance security? This is an arms race; someone who wants to set up a box and forget it *will* get pwned eventually.

Alternatively, you could buy the same hardware, and spend fifty quid with a local Linux support company who will install the box properly, and either tell you what you need to do in the future, or sell you ongoing support. You could even watch the installation and learn a bit while he does it - most engineers are glad to impart a little knowledge, as it means an easier time in the future.

Linux maintenance is easy. Initial roll-out takes a bit more planning and experience; by far the cheapest way to do it it to spend a few quid with an expert.

Vic.

Vic

There is *so* much wrong with this article...

I can't begin to cover any significant fraction of the errors in this article, but here are a few glaring issues :-

- The major distros already have loads of tools to do exactly what the author claims they don't - e.g. look at the redhat-config-* tools in RHEL, or YaST in SLES. Add to that the excellent documentation in the RHEL Deployment Guide (available to anyone that wants it, and applicable to pretty much every distro), and you have a trivial configuration.

- Samba3 (which is what these distros ship) does *not* make a good Windows Domain Controller. Samba3 only does NT4-style controllers - most companies will throw you out in the street for suggesting such a thing. Samba4 is necessary for AD-style DCs, but that's not shipping yet. It's just around the corner - but has been for 5 years or so. When we get it, it will be stunning - but we don't have it in the distros yet. Making overblown claims about the capabilities of Samba3 - which makes an excellent member of an AD domain, but not a DC - simply hands ammunition to those who would knock the capabilities of FOSS.

- Exposing your first installation to the unfiltered Internet is just idiotic. There are *likely* to be some configuration errors, so at the very least, you hide it behind a NAT router and pipe through those services you intend to expose. This is very easy to do for all NATable protocols - indeed, if a would-be admin struggles with this, he really shouldn't be opening up the network at all. So all you're left with is the non-NATs - PPTP for example. The simplest solution there is to use an alternative (like OpenVPN), But there are assorted ways of getting the job done. The very worst thing you could do, as a neophyte, would be to expose the box directly to the external interface.

Vic.

Oracle Java submission hastens Apache showdown

Vic

Boned...

> most of the key components of the .NET ecosystem, including C#

> the language are recognised international standards.

According to Microsoft, they are patent-encumbered.

Thuis means that, if you live in a jurisdiction that supports software patents, you *can* write your own code to implement these standards, but you *cannot* distribute it.

> ...can be deployed on Linux using Apache and Mono

Mono is a litigation trap. Microsoft could - trivially - announce a patent licence for Mono that would dispel all worries about whether or not MS will eventually sue over its use. They have repeatedly refused to do so - issuing, instead, a ***time-limited*** promise not to sue if you get your Mono from Novell.

Mono is dangerous. Microsoft could make it safe. They refuse to do so.

Vic.

UK.gov ignores 'net neutrality' campaigners

Vic

Trust

> Unless legitimate traffic is actually being *blocked*, I don't see how trust is affected.

The issue is that heavy-handed throttling becomes a de-facto block.

If ISPs are permitted to throttle data from certain sources so heavily that the source is effectively unreachable, then a legitimate requirement to prioritise traffic according to urgency - i.e. putting voice packets ahead of bulk-download - becomes a method to prevent access to certain places. The former is acceptable - probably necessary. The latter is not.

Vic.

Vic

Hosting custom servers

> they built their servers to a bespoke spec and you're not going

> to find a hosting provider easily that'll accomodate that kind of custom build.

Yes you will.

What you're unlikely to find is a hosting provider[1] that will host non-racked servers *cheaply*.

Vic.

[1] I know of one, and I don't tell anyone else about it, because they'll run out of space in the cold room eventually...

Apache strikes back in Oracle Java standoff

Vic

Sure about that?

> Nothing stopping you from rolling you own JVM

...Unless you live in a jurisdiction that supports software patents.

Oracle has already asserted some of its patents against Google. It would surely do the same against any JVM it considered to be costing it revenue...

Vic.

Google: Oracle doctored that 'copied Java code'

Vic

That's your opinion...

> you are being extremely disingenuous quoting the Classpath exception

Not at all.

I'm quoting what the Classpath Exception says.

A compiled file is an executable, and thus subject to that exception.

A decompiled version of that executable is thus subject to the licence attached to the executable - which may well not be the licence of the original source.

That might or might not be how the exception was meant to work - but that doesn't matter. The licence specifically and expressly permits such manipulation, whether it meant to or not.

Thus Google are actually in with quite a strong defence here. I don't know whether or not they deserve it - but we're not arguing morality here, we're arguing the specifics of the licence.

Vic.

Vic

Re: But...

> Code under the GPL is protected from patent.

Not entirely.

GPLv2 only has an implicit patent grant from the code originator - that's one of the drivers for GPLv3, which has an explicit grant. It would be possible - if completely crazy - for Oracle to claim to release under GPLv2, but withhold a necessary patent licence such that no downstream users can redistribute (per Section 7). But that would destroy Oracle's reputation entirely, destroy Java entirely, and leave Oracle in the firing line for all sorts of legal difficulties. It would be absolute madness.

> If you remove the license, it's not just open to copyright infringment,

> but now that patent protection is lost. Possibly that's the logic?

That logic is flawed; the Classpath Exception does more than permit you to ascribe your own licence to the resultant Derived Work, it allows you to distribute under "the terms of your choice". Thus if a patent right was distributed by the GPLv2 grant, that same right could clearly be redistributed with whatever licence you choose for the CE-derived object. Indeed, it is quite possible that the Classpath exception makes the explicit patent grant that the GPLv2 omits - but you'd need to check with someone more intimately acquainted with the law in that area than I to be sure.

Vic.

Vic

No.

> Obviously JCP is set up so you are actually allowed to implement your own version of Java,

Not so.

This is what's behind Apache's recent problems - they cannot certify as Java because of the field-of-use restrictions that Oracle maintains on the TCK - which restrictions Oracle agreed were unacceptable when it was Sun doing the restricting.

> Java isn't in the hands of just one company. It isn't the IPR of Oracle.

Yes, it is. And Oracle currently seems to want to exercise those rights to the detriment of the JCP. This is probably a mistake.

Vic.

Vic

Be careful with the word "ignorance"...

> Ah, in what way have they fulfilled the GPL?

I'm not claiming they have.

But the file in question is licenced under GPLv2 *** with Classpath Exception ***.

That exception is important. It is worth reading what it says before alleging ignorance in others. One especially important phrase is :-

"to copy and distribute the resulting executable under terms of your choice"[1]

(referring to an object derived from the GPL + CE code).

"Terms of your choice" is a very powerful phrase.

> They put an Apache license on a GPL'ed file.

They put the Apache licence on something derived from a binary which was derived from a GPL+CE source file.

Now read the Classpath Exception to see why that is perfectly permissible.

> They can't do that.

They can. It is expressly permitted by the licence.

What they cannot do is to take the *original* source and slap a different licence on it. And they didn't.

> Just because code is open-source doesn't mean you

> can rip it off and do what you like with it.

Correct. Isn't it good that that hasn't happened?

> Do you know anything about the GPL or open-source software?

Yes, quite a bit, actually. And I know what the Classpath Exception says.

Vic.

[1] The CE can be found at http://www.gnu.org/software/classpath/license.html . I strongly suggest reading it before making claims about what can be done with compiled objects derived under that exception.

Vic

Re: GPL + ClassPath Exception copyright notice

> The android version has a Apache license on it

Now all that's needed is for someone to prove that that is an unlawful action.

The ClassPath Exception is *very* permissive...

Vic.

Vic

Defending patents...

> If you don't sue all those who allegedly infringe you are not

> 'defending your patent' and the patent is void.

You're thinking of trademarks,

Laches are rather more complicated under US patent law.

Let's hope Willets[1] doesn't get his way and import all that nonsense over here.

Vic.

[1] For a man with two brains, why does he never seem to use either of them?

Vic

Someone is jesting :-(

> First, in the US you can't sue anyone over anything. It has to pass

> a sniff test otherwise the lawyer bringing the lawsuit can be disbarred.

Prior to Iqbal, that was a very low bar indeed. Even now, it's little more than "would the world's most stupid man believe this for a fraction of a second, if we medicated him highly enough?"

> Removing the copyright notice which is a comment isn't doctoring the code.

Yes it is. It's a clear attempt to disguise the fact that this was distributed - both by Google and by Oracle - under GPLv2.

Vic.

Vic

Re: Ah, but then again

> they released their version under a different licence

That's one of the things that Oracle will need to prove, should they go for that approach. Remember that this is not a file that will ever make it into a handset...

Vic.

Vic

@Gumby Nope...

> Understanding the law isn't one of your strengths now is it?

Is it yours?

> Google can call their version of Java 'Tim' for all anyone cares, but its still a derivative of Java.

That is completely wrong in every respect. Dalvik is *not* Java. Java is not appropriate for the platform, so Google used something else.

The closest it comes to Java is that some of the application code running on it will initially be coded in the Java language - but all the patents Oracle has asserted read on the JVM, not the Java language. Although both language and VM use the word "Java" in their names, these are most assuredly not the same thing.

> Oracle is correct that Google did in fact copy code.

Oracle has, to date, come up with one file in a test directory that they claim is close to a file that they themselves distributed under GPLv2 with ClassPath Exception. I can see three reasons why that would constitute lawful redistribution - two of which are sure to work, the other one being a "probably".

Vic.

Vic

Re: Commitment to partners?

> Wow - way to backstab your business partners!

Not so. This is simply a "safety in numbers" defence.

Google's statement here boils down to "we didn't do this - and it's up to you to find out which of your customers actually did".

It's a neat trick, because it means that even if Oracle were to be successful in their suit (and not this one - a suit against someone else), any victory would be entirely Pyrrhic.

Of course, it's just one defence of many in Google's filing. I suspect there is a pitched battle ahead of us - and I don't rate Oracle's chances that much. Google will undoubtedly take some pain - I think they will consider that a bargain price for what they will achieve.

Vic.

Fanbois howl as OS X update bricks PGPed Macs

Vic

Re: ALL OS, not one

> EVERY OS suffers from update nightmares.

They do?

OK, thanks for the tip. I'll remember that next time. I seem to have missed the difficulties the last few times I've upgraded...

Vic.

Oracle spreads blame for MySQL 'misperceptions'

Vic

"free" is irrelevant

> This is a great article to send to people who say our Enterprise

> should move to Linux and MySQL because they're free

Ignore such people. They are wrong.

The reason for moving to Linux and MySQL is because they are Free. That is worth far, far more than being simply free.

Because these packages are Free, you can *choose* who you get to do your support - there is a competitive market for these services. Oracle is not the only company who can support their product (nor, likely, the best one).

Vic.

[Who supplies MySQL support for a hell of a lot less than Oracle charges]

Reg reader stitches PARIS right up

Vic

Re: But where is our plucky Playmonaut?

Yeah, Playmobil reconstruction, or ...

Err - hang on...

Vic.

Google open sources Apache server speed mod

Vic

Re: Erm...

> Isn't Apache licensed under the GPL?

No.

> And isn't there a "viral" clause in the GPL stating that any modifications

> made to GPL software must also be released under the GPL?

No.

> So - does this mean that Google were in violation of the licence

No.

HTH

Vic.

Vic

Whole point of *** AGPL ***

> Basically you just described the main push behind GPL version 3

No he didn't.

> which would basically require any public web software as

> a service source code to be released

No it doesn't.

Vic.

Vic

Title

> Will it spy on me ? Steal my passwords?

Why don't you take a look and find out?

This is one of the major strengths of Open Source software - if you have concerns, you have both the right and the capability to inspect the source code. If it doesn't do exactly what you want, Free Software (which this is) gives you the right to change it so that it does.

> You almost expect any Google product to have some built in surveillance function.

If it does - take it out.

> All your privacy belong to us.

All your privacy belong to whomever you give it to. If you look after it yourself, that could be you...

Vic.

Group slams airport naked body scanners

Vic

Re: Missing points . . .

> The way to beat terror is not to be terrified

I'm not terrified of the terrorists.

I'm shitting myself over the actions of various governments in the name of my safety...

Vic.

PARIS laid bare in intimate snaps

Vic

Flew.

> I'm not actually convinced the plane actually flew

Go and watch the videos. You'll see the plane clearly flying.

Vic.

Shut up, Spock! How Battlestar Galactica beat Trek babble

Vic

A smell he thought was just the drain

> That is of course assuming that the person has been

> breathing standard air on BSG and not some strange mix like Tri-Mix

Trimix isn't giong to help - you might have less nitrogen in the mix, but you've got helium to deal with, and that comes out of the tissues quite a bit more quickly than nitrogen does. The bend is even more dangerous...

I understand, though, that spacecraft don't usually contain air - all the N2 doesn't really serve much purpose. By using low-pressure oxygen, you can keep the ppO2 high enough to sustain life, but keep the ambient pressure right down, thus reducing the force on the hull. That makes the craft lighter.

Now oxygen does dissolve in the body, and you can cause an oxygen bend if you drop the ambient pressure rapidly enough. But oxygen bends don't create the cell hypoxia risk of an inert gas bend (even if they occlude the blood vessels, you'll still get oxygen from the bubble), and they spontaneously resolve. So an explosive decompresion from O2 saturation would undoubtedly be painful - but would it be lethal? Inquiring minds...

Let's not go near the barotrauma risk of such a decompression, though - that sort of thing gets very messy.

Vic.

Oracle goes in hard on Google Java suit

Vic

Don't think that's a problem.

> That's the argument, that it *was* derived from OpenJDK. If true, that would be bombshell.

It's not the argument I was making, but it wouldn't be a bombshell.

The class in question has been released under the ClassPath exception. That's really permissive...

Vic.

Biting the hand that feeds IT © 1998–2019