Re: [Bitcoin-development] Something people are forgetting about the Gentoo / Luke-jr censorship issue
On Friday 10. October 2014 19.26.49 Mike Hearn wrote: > I'm sure this suggestion will go down like a lead balloon, but Bitcoin Core > is not the first project that's had issues with Linux distros silently > modifying their software as they package it. And so far its been near impossible for those others to make distros not modify it. Firefox is actually a good idea, it made debian stop distributing it. Best solution is to build good relations with the packagers of distros. ps. Linux distros distributing GPL licensed apps are required by law to offer the sources of the thing they build and distribute as binary. Which allows you to check the difference with upstream. Most distros therefore have a process in place for this. Even for not FLOSS software like bitcoin core. -- Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://p.sf.net/sfu/Zoho ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Something people are forgetting about the Gentoo / Luke-jr censorship issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 10/10/2014 05:26 PM, Mike Hearn wrote: > I'm sure this suggestion will go down like a lead balloon, but > Bitcoin Core is not the first project that's had issues with Linux > distros silently modifying their software as they package it. In > this case Luke has changed things to be closer to what users > expect, which is good to see, but I expect to see the same issue > crop up with other Linux distributions in future. The temptation to > "improve" things when you're a middleman is just too great. > > The usual approach to fixing it is trademark the project name and > use that to enforce "clean" packaging. Firefox and Chrome both take > this approach. I'll probably do the same with Lighthouse (need to > figure out the trademarking process first). > > The goal here is not to remove choice, rather to ensure people know > what they're getting. It's reasonable to assume if you do "emerge > bitcoin" then you're getting Bitcoin Core as distributed by > bitcoin.org, not a highly opinionated fork of it. Renaming a > project and creating a package under the new name is not only > better for end users, but lets the fork grow into something else > and be more usable to people on other distros too. > > In this case "Bitcoin" is already a trademark, though I lost track > of who owns it at the moment (the foundation?) but I guess Bitcoin > Core is not. Regardless of whether this is a good idea or not in general, it won't work in the case of Gentoo (and similar source-based distributions) because Gentoo doesn't distribute software - they distribute instructions which allow end users to download, compile, and install software (ebuilds). On my system I can compile a modified Firefox that still calls itself "Firefox" by setting USE="-bindist". This would put Gentoo in violation of Mozilla's trademarks if they were distributing that modified version, but they aren't, so they're not. They just distribute the instructions that tells my copy of Portage how to compile the modified version. As long as I don't distribute the modified binaries I compiled, then neither am I violating Mozilla's trademarks. tl;dr: The trademarking approach is only effective with regards to binary distributions, not source-based distributions. - -- Support online privacy by using email encryption whenever possible. Learn how here: http://www.youtube.com/watch?v=bakOKJFtB-k -BEGIN PGP SIGNATURE- iQEcBAEBCAAGBQJUOChPAAoJEMP3uyY4RQ21DNoH/0Yb3GpF230UGfQQ7Y2qQ4Sr QTNW6hwMaLSwRvdnkAxmQf1S2I3da6AJkXcyyUavJuqw+m6lxdiA3OwUQOZblEUS HkZqajS3gpCCmYJGbHD+DT3YnvDaeIQmuacsxMTXpVWK5QleH6mSdpbomc2TCS+D JulZuSQJSB997uNKqYvQmwe0b3ImgND6omoOZABjFrLESeYgQWLFBthl9vwBLtFB DqRbyvrl6+vFzX9yObAt0+iSDkoHHkPbg2/KeUCKuJaIqvFyBo0t9dvx/tvQJupk TY39a/0MW8z524e2s2SwsZbmYXSBLTlDhkTbWR0lPQH5OOcrmH7cpEG1vsZH9yY= =tfaE -END PGP SIGNATURE- 0x38450DB5.asc Description: application/pgp-keys -- Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://p.sf.net/sfu/Zoho___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Something people are forgetting about the Gentoo / Luke-jr censorship issue
I'm sure this suggestion will go down like a lead balloon, but Bitcoin Core is not the first project that's had issues with Linux distros silently modifying their software as they package it. In this case Luke has changed things to be closer to what users expect, which is good to see, but I expect to see the same issue crop up with other Linux distributions in future. The temptation to "improve" things when you're a middleman is just too great. The usual approach to fixing it is trademark the project name and use that to enforce "clean" packaging. Firefox and Chrome both take this approach. I'll probably do the same with Lighthouse (need to figure out the trademarking process first). The goal here is not to remove choice, rather to ensure people know what they're getting. It's reasonable to assume if you do "emerge bitcoin" then you're getting Bitcoin Core as distributed by bitcoin.org, not a highly opinionated fork of it. Renaming a project and creating a package under the new name is not only better for end users, but lets the fork grow into something else and be more usable to people on other distros too. In this case "Bitcoin" is already a trademark, though I lost track of who owns it at the moment (the foundation?) but I guess Bitcoin Core is not. -- Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://p.sf.net/sfu/Zoho___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Something people are forgetting about the Gentoo / Luke-jr censorship issue
The whole issue is a troll, and I'm afraid you got sucked in. There are no plans to add a blacklist to Bitcoin Core. -- Jeff Garzik Bitcoin core developer and open source evangelist BitPay, Inc. https://bitpay.com/ -- Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://p.sf.net/sfu/Zoho ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
[Bitcoin-development] Something people are forgetting about the Gentoo / Luke-jr censorship issue
Hey folks, FYI the issue is that Luke-Jr wants to include code which can censor stuff like SatoshiDice transactions because he thinks they are denial of service: https://bugs.gentoo.org/show_bug.cgi?id=524512 While everyone is jumping on the neutrality Bitcoin should have, you're forgetting that there are also *legal* implications: The *technical ability'* to filter certain types of network traffic can cause you to be legally liable to *USE* it to filter illegal stuff. So even if the filter code is disabled by default, it can put Bitcoin users in legal danger: Law enforcement can try to force them to use it. This for sure depends on the country you are living in, but in general I think it can be agreed that it will be a lot easier to defend a "my node relays everything uncensored" policy against law enforcement if you wouldn't even have the technical ability to filter stuff because the code just cannot do it anyway. So please do not even include this code as disabled, and if possible do not even write or publish it :) Also, as I don't have a Gentoo bugtracker account, can someone please add this comment there? Thanks & Gretings, xor - a developer of https://freenetproject.org/ signature.asc Description: This is a digitally signed message part. -- Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://p.sf.net/sfu/Zoho___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development