Announcement

Collapse
No announcement yet.

The FBI Paid OpenBSD Developers For Backdoors?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • deanjo
    replied
    And BTW, you can sell "free software", even in the eyes of the FSF. Thus where the whole "free as in speech, not as in beer" phrase came about. Now if it is viable or not, that is an entirely different matter, however "free software" does not mean "free as in no money".

    Leave a comment:


  • deanjo
    replied
    Originally posted by Remco View Post
    There are some limitations here: http://www.gnu.org/licenses/gpl-3.0.html#section6
    That's only the restrictions for GPL3. Older GPL's do not have such strict conditions (such has a networkable server).

    Leave a comment:


  • crazycheese
    replied
    Originally posted by BlackStar View Post
    Trademarks have nothing to do with license. You cannot use the Red Hat or Firefox trademarks. You are free to use their source code.
    I never said trademarks are bound to license. You said that RedHat and Novell are selling code - I responded that they are not and showed two things you need to do in order to get and use their code for no charge. Replace logos to unmark their solution as authentic and do not use official mirrors, for that requires their stuff being payed in order to fix the code - what centos does and is legal. And you will obviously get no support as well, since it is also part of the subscription.

    Originally posted by BlackStar View Post
    On the contrary, this is perfectly reasonable. You only need to provide the source code upon request. It's usually simpler to put it on a website, but you *don't* have to do this - you could conceivably send it by snail mail and still be compliant.
    Yes, you need to provide true source code. But if only source is free and everything else is closed it is refering to - (3). It is not an opensource solution.

    Originally posted by BlackStar View Post
    Many (if not most) commercial users will be happy to buy the software from you, if they consider it valuable enough. If a company wished to install Ubuntu to 10000 computers, they will probably buy it from Canonical with a support contract, because that is actually *cheaper* than downloading from the web without any support at all.
    This does not relate to the situation. Canonical is not selling a copies - it sells a medium it is burned upon. You can purchase them from them at raw price, burn yourself or download as you see fit. This has nothing to do with media-bond closed source proprietary software sold as a product. Read MS EULA for example, part refering to what makes "a copy" legitimate.
    If you wish support from them, (additional to 10,000 copies) that would be commercial and cost money. Similar if you ask them to implement a solution for you(integrate the system), that would also be actual human work and cost money.
    If a company would ask such volume, they would purchase integration and support sevice and just dd one copy around the machines.

    I think I have put it nicely seperated and clear, yet you have fun mixing different parts and asking me to separate your salad

    Leave a comment:


  • Remco
    replied
    Originally posted by BlackStar View Post
    On the contrary, this is perfectly reasonable. You only need to provide the source code upon request. It's usually simpler to put it on a website, but you *don't* have to do this - you could conceivably send it by snail mail and still be compliant.
    There are some limitations here: http://www.gnu.org/licenses/gpl-3.0.html#section6

    Leave a comment:


  • Jimmy
    replied
    What's interesting is if the exploits still work a decade later. If the code base is active (ie sees a lot of change) then the probability that such back doors get broken by accident would go up significantly, I would think. Unless someone is actively maintaining it of course.

    Were these exploits actively maintained or were the relevant parts of the OCF mostly inactive (development wise) for the last decade? Did the back-doors get broken at some point?

    Change logs should be both long and diverse in origin if you want to use "many eyes" as a basis for your trust. Mostly, if the code isn't seeing a lot of change from a variety of sources, "many eyes" doesn't apply because they are clearly looking somewhere else or being cock-blocked somehow. (Unless of course your code is close to perfect doesn't need to change much. Unlikely.)

    It would be interesting to see some numbers related to the source activity of the affected code. Average age of a line of code, number of contributers, change coverage, etc.

    I wonder how long it will take to find the back door. I also wonder how much it would cost to buy the answers from Jason Wright and friends. Clearly morality won't cause them to cough it up. I wonder what the pay out was for bing a douchebag was in the first place.

    Leave a comment:


  • BlackStar
    replied
    Originally posted by crazycheese View Post
    Red Hat and Novell live by selling human work.
    You are prohibited to use Red Hat unless you remove Red Hat symbolic from everywhere. It is to protect Red Hat from cloning. Same as Ubuntu by the way. Same as Firefox. See CentOS.
    Trademarks have nothing to do with license. You cannot use the Red Hat or Firefox trademarks. You are free to use their source code.

    Saying GNU GPL is allowing you selling copies of software yet allowing full access to do it for free, means preventing sale of copies for money as product, which every proprietary distribution is based off.
    On the contrary, this is perfectly reasonable. You only need to provide the source code upon request. It's usually simpler to put it on a website, but you *don't* have to do this - you could conceivably send it by snail mail and still be compliant.

    Many (if not most) commercial users will be happy to buy the software from you, if they consider it valuable enough. If a company wished to install Ubuntu to 10000 computers, they will probably buy it from Canonical with a support contract, because that is actually *cheaper* than downloading from the web without any support at all.

    Leave a comment:


  • V!NCENT
    replied
    Originally posted by DebianAroundParis View Post
    In the USSR you would have been considered a model citizen.
    Judged by what they can know about me? Yes.

    Leave a comment:


  • crazycheese
    replied
    Originally posted by BlackStar View Post
    No, it certainly doesn't. GPL allows you to sell software, as long as you are able to provide the source upon request. Other open-source licenses are even more lenient. A tiny minority prohibit commercial use - but these are not really used (or useful).

    Red Hat and Novell live by selling open-source software.
    Red Hat and Novell live by selling human work.
    You are prohibited to use Red Hat unless you remove Red Hat symbolic from everywhere. It is to protect Red Hat from cloning. Same as Ubuntu by the way. Same as Firefox. See CentOS.

    You are also prohibited to use Red Hat updates, because they are written by RedHat employes and you should pay employes to do so. Update from alternative mirrors then.

    Distiguish:
    1) Getting money by selling copies and payed support.
    2) Getting money for implementing the solution(/idea/mechanism), which in the end is free and open to build upon.
    3) Getting money by providing only base for free and everything functional over it as selling closed copy.
    4) Getting money by providing everything free, except for commercial support.
    5) Getting money for selling copies and providing source code access for huge money via developer license.
    6) ...more?

    The true opensource way is 2.
    Your way is half-arsed number 3.
    What the reason you are providing source code? For sanity of сonscience??
    There is no "protection" from malware activity if you providing source divided - you can easily substitute or write the decoy version.
    Ah, you must be providing source just to circumvent the original license and its meaning, so just you make enough money fast.
    Congratulations!

    Saying GNU GPL is allowing you selling copies of software yet allowing full access to do it for free, means preventing sale of copies for money as product, which every proprietary distribution is based off.

    Leave a comment:


  • BlackStar
    replied
    Originally posted by crazycheese View Post
    Instead, opensource prohibits the proprietary way of selling copies into selling real human work.
    No, it certainly doesn't. GPL allows you to sell software, as long as you are able to provide the source upon request. Other open-source licenses are even more lenient. A tiny minority prohibit commercial use - but these are not really used (or useful).

    Red Hat and Novell live by selling open-source software.

    Leave a comment:


  • crazycheese
    replied
    Originally posted by Apopas View Post
    I disagree here. LinuxMint and Ardour for example rely on donations as well.
    LinuxMint is mostly Put money and get Feature. This is not donation.
    Ardour is mostly subscription based, what is Put money regularly and get developers attention. This is not a donation either.

    Donation is giving money to the poor because you feel sorry for him. A lot of people that have money, wont give because they can spare it for something that requires money. This causes donation-based work to lack any finance support, and with no finance support no programmer can live to work.

    Instead, opensource prohibits the proprietary way of selling copies into selling real human work. In the end, if you have a piece of unfinished opensource software you can only make it work by investing your human skills: programming, testing, discussing, or paying others to do so.

    Every baker or barber should not also be required have professional programming skills in order to support opensource. He should be able to support with money, and he should see that his money moves something. Donations do not move something, they are just expression of "thank you" to current state.

    More than that, once your payment really forces something to move in the direction you support, you can request responsibility; and you are not presented with ready solutions that "is good for you, we promise; we know you better than yourself". You start really to vote with money, not play consumer position.

    Leave a comment:

Working...
X