> >Mark Rafn wrote: > >>Fundamentally, if the client is open-source, it can be > >>modified, and the > >>modified version can LIE and say it's the original version. > Anything > >>which prevents this is not open-source.
> M�rio Amado Alves answered: > >?! > >Many (most?, all?) open source licenses require authorship notices be kept. --- "Giacomo A. Catenazzi" <[EMAIL PROTECTED]> wrote: > The opensources licenses usually don't requires explicity authorship > notices to be keep, but copyright law usually requires it. > So it is not a problem of open sources definitions, > > BUT I think that open source movement should actively support that the > programs KEEPS copyright notices, else in case of license problem (change > of law, flaws, incompatibility with oper open source licenses) it > whould difficult to relicense, and as SCO case tell us, it could difficult to probe the origin of code. > So keeps the copyright notices! CUT! We are talking about a malicious user who is modifing the software to LIE about the fact it is modified. They wont be telling anyone that they did this I have thought about this issue for a while : My solution is to introduce a game theory, where the game itself is changed so often (the key) that it is very hard to crack all of them quickly. here is my defence of the proposal : ------------------------------------------------------------------------------------------------------------------- http://www.advogato.org/article/698.html ------------------------------------------------------------------------------------------------------------------- After a long discussion on freenode.net/#GNU yesterday, I find my aguments for a secure system to distribute data without allowing cheating in line with the spirit of the GPL. These are my arguments in favor of a certified client : 1. There are valid applications where a group of people agree to use one version of the software and want to eliminate cheaters. A First person shooter for example would be a good example 2. By allowing for a auditing of the clients on a random basis, and the inclusion of the entire memory of the software including of the data at a specified timepoint you can get a secure fingerprint that is very very difficult to fake. 3. By allowing for a secondary protocol to use a secure cipher to encrypt and slightly change the binary of the file, you can increase the cost of binary hacks. This application of a cypher can take place on the original binary before starting using a key that is agreed apon by the group. 4. These techniques do not eliminate crackers, but make the cost prohibitive, random and frequent changes to the binary form using a secure algorithm will increase the cost of making binary patches very much. 5. The users are free to review and edit the source code of all the components of the system, Each user is free to join any group that they wish. Groups are free to certify any on binary that is proposed. The only restriction that the user must agree to is the client software is not hacked, cracked or changed during execution. There are many applications that could use this type of security and it does not take away the users rights, it just protects the group. In closing, my proposal is based on the idea of game theory, that having a the "game" the binary changed often will in the long term root out "cheaters". By only allowing certified users access, and having a trust metric, it should be possible also to eliminate long term abusers. ------------------------------------------------------------------------------------------------------------------- mike ===== James Michael DuPont http://introspector.sourceforge.net/ __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com -- license-discuss archive is at http://crynwr.com/cgi-bin/ezmlm-cgi?3
